Sunday, December 4, 2016

Would this work to execute XSS on the recent Stack Overflow SQL injection graph thingy?

Let's see

function qxss($x) {
    $sql = "SELECT * FROM post WHERE xssVal=`<svg/onload=alert(/q/)>` and postID = ".$x;
}

Apparently you need to add some more text; this is very annoying. This will be deleted soon.
