vuln-list.php
<title>List of Included Vulnerabilities</title>
<center>
<h2><b>OWASP Top 10 2010</b></h2>
<hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2017_A1" target="_blank">A1</a> - SQL Injection (SQLi)</b></p>
<a href="?page=login.php">Login</a><br>
<a href="?page=user-info.php">User info</a><br>
<a href="?page=register.php">Register</a><br>
<p><b>OS Command Injection</b></p>
<a href="?page=dns.php">DNS Lookup</a><br>
<a href="?page=ping.php">Ping Asset</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A2" target="_blank">A2</a> - Cross Site Scripting (XSS)</b></p>
<a href="?page=enter-shift-log.php">Enter Shift Log</a><br>
<a href="?page=view-shift-logs.php">View Shift Log</a><br>
<a href="?page=browser-info.php">Browser Info</a><br>
<a href="?page=login-history.php">Login History</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A3" target="_blank">A3</a> - Broken Authentication and Session Management</b></p>
<a href="index.php">Whole damn site</a><br>
<a href="?page=login.php">Login</a><br>
<a href="?page=user-info.php">User info</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A4" target="_blank">A4</a> - Insecure Direct Object References</b></p>
<a href="?page=text-file-viewer.php">Text file viewer</a><br>
<a href="?page=source-viewer.php">Source viewer</a><br>
<a href="index.php">Whole damn site</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A5" target="_blank">A5</a> - Cross Site Request Forgery (CSRF)</b></p>
<a href="?page=enter-shift-log.php">Enter Shift Log</a><br>
<a href="?page=view-shift-logs.php">View Shift Logs</a><br>
<a href="?page=login-history.php">Login History</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A6" target="_blank">A6</a> - Security Misconfiguration</b></p>
<a href="index.php">Whole damn site</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A7" target="_blank">A7</a> - Insecure Cryptographic Storage</b></p>
<a href="?page=user-info.php">User info</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A8" target="_blank">A8</a> - Failure to Restrict URL Access</b></p>
Well, they exist, but if I pointed you to them that would miss the point. How would you find directories someone would want to hide?<br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A9" target="_blank">A9</a> - Insufficient Transport Layer Protection</b></p>
<a href="?page=login.php">Login</a><br>
<a href="?page=user-info.php">User info</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2010-A10" target="_blank">A10</a> - Unvalidated Redirects and Forwards</b></p>
<a href="?page=credits.php">Credits</a><br>
<br><hr>
<br>
<br>
<br>
<br>
<h2><b>Deprecated OWASP Top 10 2007 Vulnerabilities</b></h2>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2007-A3" target="_blank">A3</a> - Malicious File Execution</b></p>
<a href="?page=text-file-viewer.php">Text file viewer</a><br>
<a href="?page=source-viewer.php">Source viewer</a><br>
<br><hr>
<p><b><a href="http://www.owasp.org/index.php/Top_10_2007-A6" target="_blank">A6</a> - Information Leakage and Improper Error Handling</b></p>
<a href="index.php">Whole damn site</a><br>
</center>