我的博客:xrsec.eu.org
打码也没用😂
最近一直闲的无聊,然后刚好在配置友链
遂来一波XSS
xss-1
评论处存在XSS
1 | <svg/onload = alert(1);> |
评论xss钓鱼
xss挂马
xss killadmin
xss盗取明文
这个就不发了😂
搜索框xss
两个 一个反射 一个存储
顺便分享一个指纹
1 | "https://github.com/reruin/sharelist" |
XRSec has the right to modify and interpret this article. If you want to reprint or disseminate this article, you must ensure the integrity of this article, including all contents such as copyright notice. Without the permission of the author, the content of this article shall not be modified or increased or decreased arbitrarily, and it shall not be used for commercial purposes in any way
本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自 XR-SEC!
评论