Re: [FD] weblogin software cross site request

2015-07-18 Thread jericho
: Dork: intitle:weblogin intext:This page will redirect you to: A single site runs this 'WebLogin'. : Product:WebLogin What is the vendor URL? Or there is none, because this is a site-specific issue for lanl.gov. Worse, it has pretty aggressive filtering and will not render script tags,

[FD] weblogin software cross site request

2015-07-17 Thread Juan Martinez
Hi, People i discover a cross site request in this Dork: intitle:weblogin intext:This page will redirect you to: This cross site request is exploit like this example: http://target/Login:%20Weblogin%20%20This%20page%20will%20redirect%20you%20to%20 inject any word you want to screen in the