After reading the PHP XSS "exploit" (I dont know if it qualifies as one)
in phpinfo(), I found out that on the default page of the Monkey Http
Daemon, there is a Test of Supports section. Two links are included:
http://whateverhost/php/index.php
and
http://whateverhost/cgi-bin/test.pl
index.php just contains 'echo phpinfo(); '
Also, test.pl doesnt check for valid input on the forms, so you can
include HTML code, etc. Pretty useless, I know, but I've been reading
posts about this kind of stuff, so I thought i would throw in this.
Found this on the version 0.7.1 version, the latest one i found on
freshmeat.net. I havent contacted the author since I dont know if this
is really a big deal or not.
Well, sorry for bothering and I hope I dont get flamed or anything
