Ok, i gotta give props to my man jungsonn, he is the first one who add my blog into his own personal site. Thank you so much. Recently, i had been reading a lot in sla.ckers.org and Rsnake wanna see if there are any XSS in networking devices or web servers, i came up with a few. You can check the topic here: http://sla.ckers.org/forum/read.php?6,114
Basically, i discover a few XSS flaws in IIS 6.0 and BEA Weblogic Server during a pentest project and also during my audit of a Telco, i discovered a weak session ID in a siebel CRM application. There is a video of it, but to protect the customer, i will not post it online. Yall can read more abt it in sla.ckers.org forum as mentioned above.
I am going to post more commands soon with my testing. Stay tuned.