Difference between revisions of "OWASPBWA Known Vulnerabilites"
Chuck Willis (talk | contribs) |
Line 1: | Line 1: | ||
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project. | This page is a test of how we may catalog vulnerabilities in the OWASP BWA project. | ||
− | + | = Struts Forms = | |
{| width="200" cellspacing="1" cellpadding="1" border="1" | {| width="200" cellspacing="1" cellpadding="1" border="1" | ||
Line 13: | Line 13: | ||
| Reflected XSS<br> | | Reflected XSS<br> | ||
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br> | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br> | ||
− | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit | + | | Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue. |
|- | |- | ||
| 2<br> | | 2<br> | ||
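Review bot: The reworded Details cell on the changed line still identifies the affected input only through the encoded query string. Naming the parameter that carries the script (name) in words, and saying what the reader should see when the link is visited, would let the entry be read without decoding the URL. The other cells in this row end with <br> and this one does not; pick one style for the table.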
Line 23: | Line 23: | ||
<br> | <br> | ||
− | + | = Simple ASP.NET Forms = | |
− | + | = WordPress version 2.0.0 = | |
== phpBB version 2.0.0 == | == phpBB version 2.0.0 == |
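Review bot: The two headings added here, "= Simple ASP.NET Forms =" and "= WordPress version 2.0.0 =", are level 1, while the unchanged "== phpBB version 2.0.0 ==" directly below stays at level 2, so phpBB will render as a subsection of WordPress rather than as its own application entry. Use the same level for every application section; "==" is the better choice, since a single "=" is the page-title level in MediaWiki, and that applies to "= Struts Forms =" as well.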
Revision as of 06:26, 22 October 2010
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.
Struts Forms
ID | Type | URL | Details
1 | Reflected XSS | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do | Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue.
2 | | |