Difference between revisions of "OWASPBWA Known Vulnerabilites"

From OWASP
Jump to: navigation, search
Line 13: Line 13:
 
| Reflected XSS<br>  
 
| Reflected XSS<br>  
 
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>  
 
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>  
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=<script>alert(1)</script>&submit=Submit<br>
+
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit<br>
 
|-
 
|-
 
| 2<br>  
 
| 2<br>  

Revision as of 01:20, 22 October 2010

This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.

Struts Forms

ID
Type
URL
Details
1
Reflected XSS
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit
2




Simple ASP.NET Forms

WordPress version 2.0.0

phpBB version 2.0.0

Yazd version 1.0