Difference between revisions of "OWASPBWA Known Vulnerabilites"

From OWASP
Jump to: navigation, search
Line 5: Line 5:
 
{| width="200" cellspacing="1" cellpadding="1" border="1"
 
{| width="200" cellspacing="1" cellpadding="1" border="1"
 
|-
 
|-
| ID<br>
+
| ID<br>  
| Type<br>
+
| Type<br>  
| URL<br>
+
| URL<br>  
 
| Details<br>
 
| Details<br>
 
|-
 
|-
| 1<br>
+
| 1<br>  
| Reflected XSS<br>
+
| Reflected XSS<br>  
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>
+
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>  
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=&lt;script&gt;alert(1)&lt;/script&gt;&amp;submit=Submit<br>
+
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=<script>alert(1)</script>&submit=Submit<br>
 
|-
 
|-
| 2<br>
+
| 2<br>  
| <br>
+
| <br>  
| <br>
+
| <br>  
 
| <br>
 
| <br>
 
|}
 
|}
  
<br>
+
<br>  
  
 
== Simple ASP.NET Forms  ==
 
== Simple ASP.NET Forms  ==

Revision as of 01:19, 22 October 2010

This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.

Contents

Struts Forms

ID
Type
URL
Details
1
Reflected XSS
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=<script>alert(1)</script>&submit=Submit
2




Simple ASP.NET Forms

WordPress version 2.0.0

phpBB version 2.0.0

Yazd version 1.0