OWASPBWA Known Vulnerabilites

From OWASP
Revision as of 01:45, 22 October 2010 by Chuck Willis (Talk | contribs)

Jump to: navigation, search

This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.

This page is still in testing. It is likely that putting all these issues on one page will be too large and we'll need to break it into a separate page per application.

Contents

Struts Forms

ID
Type
URL
Details
1
Reflected XSS
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do
Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue.
2




Simple ASP.NET Forms

OWASP VicNum

ID
Type
URL
Details
1
Reflected XSS
http://owaspbwa/vicnum/cgi-bin/vicnum1.pl
Visit http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=Foo%3Cscript%3Ealert%281%29%3C%2Fscript%3E to demonstrate this issue.
2
Reflected XSS
http://owaspbwa/vicnum/vicnum5.php
To illustrate this issue, send a POST request


POST http://owaspbwa/vicnum/vicnum5.php

player=<script>alert(1)</script>

3
State Manipulation

When playing the game, the "correct" answer is stored in Base64 encoded form in a hidden form field named VIEWSTATE. An attacker can decode this value in order to determine the correct answer to the game or manipulate it.

WordPress version 2.0.0

phpBB version 2.0.0

Yazd version 1.0