inurl:".asp?strParents="

GHDB-ID:

4245

Author:

anonymous

Google Dork Description:

inurl:".asp?strParents="

Author: Charley Celice (@charleycelice)



99% of sites I found using this dork are vulnerable to XSS attacks. The

"strParents" parameter seems to always be injectable.



Example:



https://example/whatever.asp?strParents=

"/>&CAT_ID=1337&whatever=1337&etc...





-stmerry