Difference between revisions of "OWASPBWA Known Vulnerabilites"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.  
 
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.  
  
== Struts Forms  ==
+
= Struts Forms  =
  
 
{| width="200" cellspacing="1" cellpadding="1" border="1"
 
{| width="200" cellspacing="1" cellpadding="1" border="1"
Line 13: Line 13:
 
| Reflected XSS<br>  
 
| Reflected XSS<br>  
 
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>  
 
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br>  
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit<br>
+
| Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue.
 
|-
 
|-
 
| 2<br>  
 
| 2<br>  
Line 23: Line 23:
 
<br>  
 
<br>  
  
== Simple ASP.NET Forms  ==
+
= Simple ASP.NET Forms  =
  
== WordPress version 2.0.0  ==
+
= WordPress version 2.0.0  =
  
 
== phpBB version 2.0.0  ==
 
== phpBB version 2.0.0  ==

Revision as of 01:26, 22 October 2010

This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.

Contents

Struts Forms

ID
Type
URL
Details
1
Reflected XSS
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do
Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue.
2




Simple ASP.NET Forms

WordPress version 2.0.0

phpBB version 2.0.0

Yazd version 1.0