inurl:".asp?strParents="
Author: Charley Celice (@charleycelice)
99% of sites I found using this dork are vulnerable to XSS attacks. The
"strParents" parameter seems to always be injectable.
Example:
https://example/whatever.asp?strParents=
"/>&CAT_ID=1337&whatever=1337&etc...
-stmerry