This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASPBWA Known Vulnerabilites"
From OWASP
Chuck Willis (talk | contribs) |
Chuck Willis (talk | contribs) |
||
| Line 5: | Line 5: | ||
{| width="200" cellspacing="1" cellpadding="1" border="1" | {| width="200" cellspacing="1" cellpadding="1" border="1" | ||
|- | |- | ||
| − | | ID<br> | + | | ID<br> |
| − | | Type<br> | + | | Type<br> |
| − | | URL<br> | + | | URL<br> |
| Details<br> | | Details<br> | ||
|- | |- | ||
| − | | 1<br> | + | | 1<br> |
| − | | Reflected XSS<br> | + | | Reflected XSS<br> |
| − | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br> | + | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br> |
| − | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name= | + | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=<script>alert(1)</script>&submit=Submit<br> |
|- | |- | ||
| − | | 2<br> | + | | 2<br> |
| − | | <br> | + | | <br> |
| − | | <br> | + | | <br> |
| <br> | | <br> | ||
|} | |} | ||
| − | <br> | + | <br> |
== Simple ASP.NET Forms == | == Simple ASP.NET Forms == | ||
Revision as of 06:19, 22 October 2010
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.
Struts Forms
| ID |
Type |
URL |
Details |
| 1 |
Reflected XSS |
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do |
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=<script>alert(1)</script>&submit=Submit |
| 2 |
|
|
|
