XSSOOPS Scan Report For Page #73

This report gives details on information gathered through the penetration test analysis of http://xssoops.com/xss1.html/. Please examine the output to determine the possible vulnerabilities and address them as needed.

Page Request Details
Page Size	552
Header Size	215
Content Type	text/html; charset=utf-8
Download Time	0.10240 seconds
Request Method	POST
GET DATA
POST DATA	foo=&bar=%22%3Cxss00ps%3E%27%5C%5C%5C
Web Server Reponse	200 OK
Referring Page	http://www.google.com
Security Problems	1
Security Notices	0
PHP Warning Messages	0

PHP Warnings Report
Warning Type	Warning Text

[ return to top ]

Security Notices

Details

[ return to top ]

Security Vulnerabilities

Details

Vulnerability: Cross Site Scripting (XSS)
Attack Input: Form-Name: http://xssoops.com/xss1.html/ Field Name: bar

<html><head><title>Form</title></head> <body> You came from: http://www.google.com<form action="/xss1.html/" method="POST"> <input type="text" name="foo" /> <input type="hidden" name="bar" value="secret"/> <input type="submit" /> </form> foo = <br /> bar = "<xss00ps>'\\\<br /> Arbitrary args: my_cookie = my_value<br /> </body> </html>

[ return to top ]

This file was generated by XSSOOPS, the PHP security scanner.