Risk: Cross site scripting, Cookie Grabbing, Phishing
- Dork wrote:
- "inurl:error.php?error="
To learn more about
XSS: Go here.
1.Go to Google, now type the dork
"inurl:error.php?error="in search results ignore all the extra results with different url Like: error-php-error.php
pick site with url:
[You must be registered and logged in to see this link.] only.
2.Now Type your first Tag to Check the vulnerability
- Code:
-
www.site.com/error.php?error=<h1>Test</h1>
3.There you go! If it shows you "Test" word in deader tag it means the site is XSS vulnerable.