Title: Cold Fusion Web Server XSS 0 day
Own3d by: digi7al64
thx: WhiteAcid
About: Default settings in Cold Fusion server ensure it returns a standardized error page whenever a exception occurs (404,500 etc). This page then echos the user agent, ip and referer back to the user for debugging purposes....
Own3d by: digi7al64
thx: WhiteAcid
About: Default settings in Cold Fusion server ensure it returns a standardized error page whenever a exception occurs (404,500 etc). This page then echos the user agent, ip and referer back to the user for debugging purposes....
[ more ]