Tuesday, 10 August 2010

Google Store vuln.

4 years ago i had posted about XSS vuln. in GoogleStore:

GoogleStore XSS@2006 year

Today i had checked again , but others parameters.
And look what i found- an attacker can easy change file(image,etc) location to his malicius file.

Live P0c:

PS. probaly nothing special* as a vuln.,but its interesting why coders/developers of GoogleStore do so simple mistakes.

No comments: