Serious Vulnerabilities Found By Deepanker Verma on shopping.indiatimes.com
Vulnerable Website:-
http://shopping.indiatimes.com/
According To the Hacker:-
"IndiaTimes shopping website has some serious XSS vulnerabilities which can lead to cookie stealing of users. And this may cause some serious loss to users. After going through some pages of the website, we (Shadab and me ) have found that the website is vulnerable to XSS injections and malicious scripts can be injected on the website."
Here are some screen shots submitted by the hacker to prove the vulnerability:-
XSS on the login Page
java-script Injection Vulnerability
Vulnerability on the product page
Cookie Stealing Vulnerability
iframe vulnerability
above screen shots are clearly saying that this website is truly vulnerable and has lots of loop holes, one black hat can also inject malicious codes and do marvellous harm
LINK TO OUR HOME PAGE :


Categories:
indian
,
vulnerablity