腾讯论坛漏洞,快进来围观。该怎么处理
腾讯论坛漏洞,快进来围观。
http://sobar.soso.com/t/88488251?from=CSDN&url=Amysql.com&thisis=创新&BY=CSDN.net
蛋疼的腾讯过滤明显有问题,如果想……,你懂得拉。
上面那网址各位可以改后面的参数值玩玩,……
最后我写的MySql管理系统AMS 会在5月1发布哈,
希望各位多多支持,有什么新消息首发这里哈。
http://amysql.com
------解决方案--------------------
呵呵 连iframe都没过滤掉
检测参数生成js,lz把tx.php发出来给大伙瞧瞧吧
------解决方案--------------------
哇哈哈,的确太弱了
------解决方案--------------------
很无语!
<script><br />var thisis = "\u521b\u65b0";<br />var from = "CSDN";<br />var BY = "CSDN.net";<br /><br />alert("尊敬的" + from + "用户您好。\n\n我是马总,\n在这里我代表我公司--国内唯一跑在" + thisis + "前沿的腾讯科技对" + from + "广大用户表示最诚恳的问候。\n\n对于近段三石哥强烈谴责我、说我抄袭他的手机客户端APP, 我表示相当的无语啊,这都叫抄袭,这不是坑爹么。\n\n在这里我得声明一句,这不是抄袭……\n");<br />alert('这是叫:大量' + thisis + '!' + "\n\nBY:" + BY);<br />parent.location='http://amysql.com';<br /></script>
------解决方案--------------------
我不认为这是漏洞
如果是在页面中执行了用户写入的 js 代码,那可以说是漏洞
如果用户写入的 html 代码造成了页面显示不正常,那也可以说是漏洞
执行了用户的插入式框架,不能说是漏洞。用于 js 不能跨域,所以框架中的代码不会对页面产生威胁。相反可以使页面增色不少
更何况,效果是在客户端产生的,并不对服务端构成威胁
------解决方案--------------------
------解决方案--------------------
------解决方案--------------------
#24 不会吧
------解决方案--------------------
跨站脚本。。。。。。。。。。。
------解决方案--------------------
不是XSS吗,页面能运行你自定义的js代码,那你很有机会偷取浏览你这个页面的用户的cookie信息。
------解决方案--------------------
------解决方案--------------------
说到最后是可以用来引流量
------解决方案--------------------
大湿怎就不和谐了,说着说着就跑了,还想听你讲解呢
------解决方案--------------------
你是怎么测试出来tx的bug的啊
------解决方案--------------------
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1675
14
1429
52
1333
25
1278
29
1257
24
Table Border in HTML
Sep 04, 2024 pm 04:49 PM
Guide to Table Border in HTML. Here we discuss multiple ways for defining table-border with examples of the Table Border in HTML.
Nested Table in HTML
Sep 04, 2024 pm 04:49 PM
This is a guide to Nested Table in HTML. Here we discuss how to create a table within the table along with the respective examples.
HTML margin-left
Sep 04, 2024 pm 04:48 PM
Guide to HTML margin-left. Here we discuss a brief overview on HTML margin-left and its Examples along with its Code Implementation.
HTML Table Layout
Sep 04, 2024 pm 04:54 PM
Guide to HTML Table Layout. Here we discuss the Values of HTML Table Layout along with the examples and outputs n detail.
HTML Input Placeholder
Sep 04, 2024 pm 04:54 PM
Guide to HTML Input Placeholder. Here we discuss the Examples of HTML Input Placeholder along with the codes and outputs.
How do you parse and process HTML/XML in PHP?
Feb 07, 2025 am 11:57 AM
This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an
HTML Ordered List
Sep 04, 2024 pm 04:43 PM
Guide to the HTML Ordered List. Here we also discuss introduction of HTML Ordered list and types along with their example respectively
HTML onclick Button
Sep 04, 2024 pm 04:49 PM
Guide to HTML onclick Button. Here we discuss their introduction, working, examples and onclick Event in various events respectively.
