来源:自学PHP网 时间:2015-04-17 13:02 作者: 阅读:次
[导读] 第一个: Vanilla About Me Plugin Persistant XSS VulnerabilityGo to http://www.2cto.com /index.php?p=/profile/editme/4/testmemberPost your XSS In any of the text fields, for this......
第一个: Vanilla About Me Plugin Persistant XSS Vulnerability
Go to http://www.2cto.com /index.php?p=/profile/editme/4/testmember Post your XSS In any of the text fields, for this we used the Real Name Field and the following XSS XSS: <script>alert('x')</script> Then if a user visits your about me page (http://www.2cto.com /index.php?p=/profile/aboutme/4/testmember) the script will execute 第二个:: Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS Vulnerability On Edit your account enter your XSS String in either the first name or last name field. Then if a user visits your page the XSS will execute. http://www.2cto.com /index.php?p=/profile/myprofile/1/user XSS: <script>alert('x')</script> 第三个:Vanilla LatestComment 1.1 Plugin Persistant XSS Vulnerability Create a new thread with your XSS as the thread title, the XSS will appear on the index page of the forum. XSS: <script>alert('x')</script> |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com