This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASPBWA Known Vulnerabilites"
From OWASP
Chuck Willis (talk | contribs) |
Chuck Willis (talk | contribs) |
||
| Line 3: | Line 3: | ||
= Struts Forms = | = Struts Forms = | ||
| − | {| | + | {| cellspacing="1" cellpadding="1" border="1" |
|- | |- | ||
| ID<br> | | ID<br> | ||
| Line 27: | Line 27: | ||
= OWASP VicNum<br> = | = OWASP VicNum<br> = | ||
| − | {| | + | {| cellspacing="1" cellpadding="1" border="1" |
|- | |- | ||
| ID<br> | | ID<br> | ||
| Line 39: | Line 39: | ||
| Visit http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=Foo%3Cscript%3Ealert%281%29%3C%2Fscript%3E to demonstrate this issue. | | Visit http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=Foo%3Cscript%3Ealert%281%29%3C%2Fscript%3E to demonstrate this issue. | ||
|- | |- | ||
| − | | 2<br> | + | | 2<br> |
| − | | Reflected XSS<br> | + | | Reflected XSS<br> |
| − | | http://owaspbwa/vicnum/vicnum5.php<br> | + | | http://owaspbwa/vicnum/vicnum5.php<br> |
| To illustrate this issue, send a POST request | | To illustrate this issue, send a POST request | ||
| − | <br>POST http://owaspbwa/vicnum/vicnum5.php | + | <br>POST http://owaspbwa/vicnum/vicnum5.php |
| − | player=<script>alert(1)</script><br> | + | player=<script>alert(1)</script><br> |
|- | |- | ||
Revision as of 06:38, 22 October 2010
This page is a test of how we may catalog vulnerabilities in the OWASP BWA project.
Struts Forms
| ID |
Type |
URL |
Details |
| 1 |
Reflected XSS |
http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do |
Visit http://owaspbwa:8080/mandiant-struts-form-vulnerable/submitname.do?name=%3Cscript%3Ealert%281%29%3C/script%3E&submit=Submit to demonstrate this issue. |
| 2 |
|
|
|
Simple ASP.NET Forms
OWASP VicNum
| ID |
Type |
URL |
Details |
| 1 |
Reflected XSS |
http://owaspbwa/vicnum/cgi-bin/vicnum1.pl |
Visit http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=Foo%3Cscript%3Ealert%281%29%3C%2Fscript%3E to demonstrate this issue. |
| 2 |
Reflected XSS |
http://owaspbwa/vicnum/vicnum5.php |
To illustrate this issue, send a POST request
player=<script>alert(1)</script> |
| 3 |
State Manipulation |
|
When playing the game, the "correct" answer is stored in Base64 encoded form in a hidden form field named VIEWSTATE. An attacker can decode this value in order to determine the correct answer to the game or manipulate it. |
