Vunrable code!
<?php
//This is where the vulnerable is.
$data = $_GET['user'];
// where it displays the vulnerable.
echo $data;
?>
<!DOCTYPE html>
<head>
<title>Submit</title>
</head>
<body>
<form method = "get">
User: <input type="text" name="user" /><br />
<input type="button" value ="submit" />
</form>
</body>
</html>Written by Chris
Related protips
3 Responses
Vunrable?
This protip doesn't explain what's this vulnerability about. Actually the only vulnerability there is an XSS.
over 1 year ago
·
yea sorry about that still learning coderwalls interface, You can also do LFI and get phpinfo(); with that code.
over 1 year ago
·
How do you get phpinfo() with that code?
over 1 year ago
·
Have a fresh tip? Share with Coderwall community!
Post
Post a tip
Best
#Php
Authors
Sponsored by #native_company# — Learn More
#native_title#
#native_desc#