inurl:"/testssi.ssi"

GHDB-ID:

4610

Author:

Alfie

Google Dork Description:

inurl:"/testssi.ssi"

*Google dork description: *Xitami servers distributed with a script for
testing server-side includes, '/testssi.ssi'. This script is vulnerable to
a cross-site scripting issue when sent a request with a malformed Host or
User-Agent header. An attacker may exploit this flaw the steal the
authentication credentials of third-party users.

*Google Search: *inurl:"/testssi.ssi"

*Submitted by:* Alfie_the-infosec_