Difference between revisions of "OWASPBWA Known Vulnerabilites"

From OWASP
Jump to: navigation, search
(Created page with ' This page is a test of how we may catalog vulnerabilities in the OWASP BWA project. == Struts Forms == == Simple ASP.NET Forms == == WordPress version 2.0.0 == == phpBB ver…')
 
Line 1: Line 1:
 +
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.
  
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.
+
== Struts Forms  ==
  
== Struts Forms ==
+
{| width="200" cellspacing="1" cellpadding="1" border="1"
 +
|-
 +
| ID<br>
 +
| Type<br>
 +
| URL<br>
 +
| Details<br>
 +
|-
 +
| 1<br>
 +
| Reflected XSS<br>
 +
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>
 +
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=&lt;script&gt;alert(1)&lt;/script&gt;&amp;submit=Submit<br>
 +
|-
 +
| 2<br>
 +
| <br>
 +
| <br>
 +
| <br>
 +
|}
  
== Simple ASP.NET Forms ==
+
<br>
  
== WordPress version 2.0.0 ==  
+
== Simple ASP.NET Forms  ==
  
== phpBB version 2.0.0 ==
+
== WordPress version 2.0.0 ==
  
== Yazd version 1.0 ==
+
== phpBB version 2.0.0  ==
  
 +
== Yazd version 1.0  ==
  
 
[[Category:OWASPBWA]]
 
[[Category:OWASPBWA]]

Revision as of 01:17, 22 October 2010

This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.

Contents

Struts Forms

ID
Type
URL
Details
1
Reflected XSS
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=<script>alert(1)</script>&submit=Submit
2




Simple ASP.NET Forms

WordPress version 2.0.0

phpBB version 2.0.0

Yazd version 1.0