4 matches found
dorkbot - Scan Google Search Results for Vulnerabilities
dorkbot is a modular command-line tool for performing vulnerability scans against a set of webpages returned by Google search queries in a given Google Custom Search Engine. It is broken up into two sets of modules: Indexers - modules that issue a search query and return the results as targets...
googlecustom-xss.txt
Google custom search engine contributors invite XSS Vendor url: http://www.google.com Product Url: http://www.google.com/coop/cse/ Advisore url:http://lostmon.blogspot.com/2007/08/ google-custom-search-engine.html Vendor notify :yes vendor confirmed: yes Fixed: YES Description: A Custom Search...
Vulnerability in Google Custom Search Engine
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в локальном поисковике Google Custom Search Engine. Уязвимость в параметре q в главном скрипте. XSS: http://site/search.php?q=3C2Ftitle3E3Cscript3Ealertdocument.cookie3C2Fscript3E О данной уязвимости я писал в рамка...
CVE-2007-3484
Cross-site scripting XSS vulnerability in search.php in Google Custom Search Engine allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this issue is disputed by the Google Security Team, who states that "Google does not provide the 'search.php' script...