Categories

Recent Posts

Recent Comments

Recent Search

March 02, 2010

XSS On Multiply

Posted by: Joy  :  Category: Vulnerability
Status : Active

Multiply LogoMultiply is a social networking service with an emphasis on allowing users to share media – such as photos, videos and blog entries – with their “real-world” network. The website was launched in March 2004 and is privately held with backing by VantagePoint Venture Partners, Point Judith Capital, Transcosmos, and private investors. Multiply has over 11 million registered users. The company is headquarterd in Boca Raton, Florida.

Multiply is also known for stronger user security than most social networking sites. Users can limit if their item can be viewed by setting security settings to Public, Private (network only), or Private (invite only) for each item on their site.

But lately i have also found a hole to insert XSS vector on their profile page. You can see it live on this page

Screenshot:
XSS on Multiply

What’s again next? :D

Incoming search terms:

4 Responses to “XSS On Multiply”

  1. 1
    rex adrivan Says:
    March 21st, 2010 at 4:02 am

    that’s really cool

  2. 2
    Joy Says:
    March 29th, 2010 at 5:40 pm

    thx rex
    the point is, to all multiply users, beware of profile redirection to fake login..
    anything possible..

  3. 3
    212 Says:
    April 8th, 2010 at 1:13 am

    caranya donk cuuuy

  4. 4
    John Gent Says:
    August 7th, 2010 at 4:03 am

    man your blog is just awesome i had to get that out my system

Leave a Reply

Comment moderation is enabled. Your comment may take some time to appear.

Narsis Corner



    :: Link Me Back ::
    = With Image =
    !CrazyDavinci!

    = Link Only =
    :: Special Links ::

Media-Box

Web Hosting Services

    Hostgator Review BluehostReview JustHost Review InMotion Review HostMonster Review

Popular Search