https://www.24hours.pk – XSS Vulnerability

Controversial Cyber Crime Bill approved by NA
April 13, 2016
propakistani.pk – XSS vulnerability
May 16, 2016
Controversial Cyber Crime Bill approved by NA
April 13, 2016
propakistani.pk – XSS vulnerability
May 16, 2016

https://www.24hours.pk – XSS Vulnerability

24hours.pk Online Shopping in Pakistan

 

Website : https://www.24hours.pk

Bug : Reflected XSS ( Cross site scripting)

Submitted By  : Haq Khokhar ( https://twitter.com/Abdulhaqkhokhar )

Location/ URL  :   https://www.24hours.pk/deals/search

Vulnerable Field : Search bar

Steps to Reproduce :
1)Goto : https://www.24hours.pk and select any City ( i.e https://www.24hours.pk/Karachi)
2)Now you can see there is an search bar so just past the XSS vector payload on here and hit the Enter.
3)After Hitting , you will get XSS Popup window.

Related posts

Secure AI system development
November 30, 2023

Secure AI system development

Read more
Cyber Supply Chain Risk Management
November 11, 2023

Best Practices for Safeguarding Software Supply Chains: Adopting Software Bill of Materials

Read more
October 24, 2023

Mitigating Cisco IOS XE Web UI Vulnerabilities – CVE-2023-20198 and CVE-2023-20273

Read more

Leave a Reply

https://www.24hours.pk – XSS Vulnerability
We value your privacy
We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", and by using this website you agree to our Cookies and Data Protection Policy.
Read more