http://blogger.xs4all.nl/gjvm/category/32941.aspxXSS VulnerabilitiesGodert Jan van Manennl-NL.Text Version 0.95.2004.102Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415797.aspxTue, 30 Sep 2008 16:55:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415797.aspxhttp://blogger.xs4all.nl/gjvm/comments/415797.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415797.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415797.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415797.aspx<P><IMG src="http://www.van-manen.info/arcenenvelden.jpg"></P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415797.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415796.aspxTue, 30 Sep 2008 16:51:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415796.aspxhttp://blogger.xs4all.nl/gjvm/comments/415796.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415796.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415796.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415796.aspx<P><IMG src="http://www.van-manen.info/apeldoorn.jpg"></P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415796.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415795.aspxTue, 30 Sep 2008 16:46:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415795.aspxhttp://blogger.xs4all.nl/gjvm/comments/415795.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415795.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415795.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415795.aspx<P><IMG src="http://www.van-manen.info/noordamsterdam.jpg"></P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415795.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415793.aspxTue, 30 Sep 2008 16:41:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415793.aspxhttp://blogger.xs4all.nl/gjvm/comments/415793.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415793.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415793.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415793.aspx<P><IMG src="http://www.van-manen.info/amstelveen.jpg"></P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415793.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415791.aspxTue, 30 Sep 2008 16:33:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415791.aspxhttp://blogger.xs4all.nl/gjvm/comments/415791.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415791.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415791.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415791.aspx<P><IMG src="http://www.van-manen.info/alphenchaam.jpg"></P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415791.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415789.aspxTue, 30 Sep 2008 16:16:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415789.aspxhttp://blogger.xs4all.nl/gjvm/comments/415789.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415789.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415789.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415789.aspx<P><IMG src="http://www.van-manen.info/alkmaar.jpg">&nbsp;</P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415789.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415787.aspxTue, 30 Sep 2008 16:07:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415787.aspxhttp://blogger.xs4all.nl/gjvm/comments/415787.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415787.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415787.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415787.aspx<P><IMG src="http://www.van-manen.info/aalsmeer.jpg"></P> <P><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Updated</STRONG>: 30-09-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine doesn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>Vendor has been notified of the vulnerability. No response yet!</P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415787.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415773.aspxTue, 30 Sep 2008 14:21:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415773.aspxhttp://blogger.xs4all.nl/gjvm/comments/415773.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415773.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415773.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415773.aspx<P><IMG src="http://www.van-manen.info/trouw.jpg"> </P><BR><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen <P><STRONG>Summary:</STRONG> </P> <P>The Search engine didn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>This vulnerability has been promptly fixed by Trouw</P> <P><STRONG></STRONG> </P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415773.aspx" width = "1" height = "1" />Godert Jan van Manenhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415772.aspxTue, 30 Sep 2008 14:17:00 GMThttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415772.aspxhttp://blogger.xs4all.nl/gjvm/comments/415772.aspxhttp://blogger.xs4all.nl/gjvm/archive/2008/09/30/415772.aspx#Feedback0http://blogger.xs4all.nl/gjvm/comments/commentRss/415772.aspxhttp://blogger.xs4all.nl/gjvm/services/trackbacks/415772.aspx<P><IMG src="http://www.van-manen.info/ah.jpg"> </P> <P><BR><STRONG>Release date:</STRONG> 07-05-2008<BR><STRONG>Found by:</STRONG> Godert Jan van Manen</P> <P><STRONG>Summary:</STRONG> </P> <P>The Search engine and shopping card didn't sanitize any search results. </P> <P><STRONG>Vendor Response:</STRONG></P> <P>This vulnerability has been promptly fixed by Albert Heijn</P> <P><STRONG></STRONG> </P><img src ="http://blogger.xs4all.nl/gjvm/aggbug/415772.aspx" width = "1" height = "1" />