This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASPBWA Known Vulnerabilites"
From OWASP
Chuck Willis (talk | contribs) |
Chuck Willis (talk | contribs) |
||
| Line 13: | Line 13: | ||
| Reflected XSS<br> | | Reflected XSS<br> | ||
| http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br> | | http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do<br> | ||
| − | | Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue. | + | | Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue. |
|- | |- | ||
| 2<br> | | 2<br> | ||
| Line 24: | Line 24: | ||
= Simple ASP.NET Forms = | = Simple ASP.NET Forms = | ||
| + | |||
| + | = OWASP VicNum<br> = | ||
| + | |||
| + | {| width="200" cellspacing="1" cellpadding="1" border="1" | ||
| + | |- | ||
| + | | ID<br> | ||
| + | | Type<br> | ||
| + | | URL<br> | ||
| + | | Details<br> | ||
| + | |- | ||
| + | | 1<br> | ||
| + | | Reflected XSS<br> | ||
| + | | http://owaspbwa/vicnum/cgi-bin/vicnum1.pl<br> | ||
| + | | Visit http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=Foo%3Cscript%3Ealert%281%29%3C%2Fscript%3E to demonstrate this issue. | ||
| + | |- | ||
| + | | 2<br> | ||
| + | | Reflected XSS<br> | ||
| + | | http://owaspbwa/vicnum/vicnum5.php<br> | ||
| + | | To illustrate this issue, send a POST request | ||
| + | <br>POST http://owaspbwa/vicnum/vicnum5.php | ||
| + | |||
| + | player=<script>alert(1)</script><br> | ||
| + | |||
| + | |- | ||
| + | | 3<br> | ||
| + | | State Manipulation<br> | ||
| + | | <br> | ||
| + | | When playing the game, the "correct" answer is stored in Base64 encoded form in a hidden form field named VIEWSTATE. An attacker can decode this value in order to determine the correct answer to the game or manipulate it.<br> | ||
| + | |} | ||
= WordPress version 2.0.0 = | = WordPress version 2.0.0 = | ||
| − | + | = phpBB version 2.0.0 = | |
| − | + | = Yazd version 1.0 = | |
[[Category:OWASPBWA]] | [[Category:OWASPBWA]] | ||
Revision as of 06:36, 22 October 2010
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.
Struts Forms
| ID |
Type |
URL |
Details |
| 1 |
Reflected XSS |
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do |
Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue. |
| 2 |
|
|
|
Simple ASP.NET Forms
OWASP VicNum
| ID |
Type |
URL |
Details |
| 1 |
Reflected XSS |
http://owaspbwa/vicnum/cgi-bin/vicnum1.pl |
Visit http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=Foo%3Cscript%3Ealert%281%29%3C%2Fscript%3E to demonstrate this issue. |
| 2 |
Reflected XSS |
http://owaspbwa/vicnum/vicnum5.php |
To illustrate this issue, send a POST request
player=<script>alert(1)</script> |
| 3 |
State Manipulation |
|
When playing the game, the "correct" answer is stored in Base64 encoded form in a hidden form field named VIEWSTATE. An attacker can decode this value in order to determine the correct answer to the game or manipulate it. |
