owaspbwa tickets

来源 https://sourceforge.net/p/owaspbwa/tickets/

192 SQL Injection in pic_id parameter Peruggia High
191 1 AWStats Medium
190 GetBoo reflected XSS in http://owaspbwa/getboo/psearch.php GetBoo Medium
34 CSRF to change password and e-mail CSRF Yazd Medium
33 Lack of access controls Peruggia Medium
32 Reflected XSS Peruggia Medium
31 Local File Inclusion Peruggia Medium
30 SQL Injection Login Bypass Peruggia High
29 Directory Traversal Peruggia Medium
28 INSERT SQL Inection OWASP Vicnum High
27 AppSensor viewProfile lack of access control OWASP AppSensor Demo Application Medium
26 GetBoo Email Forgotten Password SQL injection GetBoo High
25 GetBoo Email Forgotten Password SQL injection GetBoo High
24 GetBoo stored XSS XSS, stored, cross, site, scripting GetBoo Medium
23 Vanilla SQL Injection OWASP Vicnum Medium
22 Remote PHP Injection (CVE-2007-5423) TikiWiki High
21 Cross-site scripting (XSS) vulnerability in tiki-featured_link.php (CVE-2006-5703) XSS TikiWiki Medium
20 Directory traversal in tiki-listmovies.php (CVE-2007-6528) TikiWiki Medium
19 XSS vulnerability in tiki-special_chars.php (CVE-2007-6526) XSS TikiWiki Medium
18 CVE-2008-1047 XSS TikiWiki Medium
15 Reflected XSS in http://owaspbwa/yazd/bay/account.jsp Yazd Medium
14 Reflected XSS in http://owaspbwa/yazd/bay/post.jsp Yazd Medium
13 Reflected XSS in http://owaspbwa/gtd-php/editList.php GTD-PHP Medium
12 Reflected XSS in http://owaspbwa/gtd-php/editChecklist.php GTD-PHP Medium
11 Internal Path Disclosure AWStats _Low
10 Open Redirect AWStats _Low
9 Malicious File Execution WordPress High
8 SQL Injection WordPress High
7 SQL Injection WordPress High
6 Command Injection WordPress High
5 Reflected XSS in http://owaspbwa/mono/simple-reflected-xss.aspx Simple ASP.NET Forms Medium
4 Reflected XSS in http://owaspbwa/vicnum/vicnum5.php OWASP Vicnum Medium
3 State Manipulation OWASP Vicnum High
2 Reflected XSS in http://owaspbwa/mandiant-struts-form-vulnerable/submitname.do Mandiant Struts Forms Medium
1 Reflected XSS in http://owaspbwa/vicnum/cgi-bin/vicnum1.pl

相关阅读:
懒加载和 json
[iOS]用instancetype代替id作返回类型有什么好处？
(转)Objective-C语法之KVC使用
UITableView 展示数据
shopee
防火墙
vue项目开发技巧
文件流
vant
node 使用

原文地址：https://www.cnblogs.com/lsgxeva/p/8452342.html