inurl:"/testssi.ssi"

  • 日期:2017-11-03
  • 类别:
  • 作者:Alfie
  • 语法:inurl:"/testssi.ssi"

  • *Google dork description: *Xitami servers distributed with a script for
    testing server-side includes, '/testssi.ssi'. This script is vulnerable to
    a cross-site scripting issue when sent a request with a malformed Host or
    User-Agent header. An attacker may exploit this flaw the steal the
    authentication credentials of third-party users.

    *Google Search: *inurl:"/testssi.ssi"

    *Submitted by:* Alfie_the-infosec_