Security software firm CheckPoint says eBay usually filters out scripts and iFrames from item descriptions or online stores, but only strips alphanumeric characters from these HTML tags.
- Changes registry entries or otherwise writes to another person's computer hard drive.
- Creates automatic pop-ups except for links that open in a new window when clicked on.
- Is used to drop or read a cookie on any eBay page.
- Loads any binary program on another person's computer automatically, except for Flash content.
- Launches a song or video when a listing is opened.
- Overwrites any area in the listing outside of the item description area.
- Manipulates areas outside the listing description, including changing fonts, colors, and backgrounds in areas such as eBay headers and footers.
- Posts to scripts on eBay automatically.
- Redirects the user from eBay to another web page, such as using the "replace" script.