Thursday, September 30, 2021
haos-Dicti0nar.ro electronic
Wednesday, September 29, 2021
glucozidă-Dicti0nar.ro electronic
Tuesday, September 28, 2021
nicotiană-Dicti0nar.ro electronic
Sunday, September 26, 2021
gambit-Dicti0nar.ro electronic
Saturday, September 25, 2021
Friday, September 24, 2021
echilibrism-Dicti0nar.ro electronic
dishidroză-Dicti0nar.ro electronic
Thursday, September 23, 2021
18+ JavaScript Libraries for Creating Beautiful Charts - SitePoint
About:
- Google Charts
- ChartJS
- ZingChart
- etc.
muștiuc.-Dicti0nar.ro electronic
Monday, September 20, 2021
Vulnerability Type: XSS (Cross Site Scripting) / CWE-79
Recently, while searching the net, I found a vulnerability on the site sin0nime.com.
It is a Cross Site Scripting (XSS) vulnerability.
Visiting the original site poses no danger: the site is safe and does not contain any malicious code. The problem occurs when someone sends another user a link that they have modified beforehand. What can happen to you? A window may open with a message, you may be redirected to another site, etc.
Obviously, I was curious to see what the vulnerability was, so I did the research on openbugbounty.org. The reporter was the same guy who reported another vulnerability a few months ago.
Continuing the research, I also found the code that was used to discover the vulnerability.
Here is the code used:
/dex/index.php?m=0">ScanT3r<svg/onload=confirm(/ScanT3r/)>web"&cheie=Stringent
Another example of malicious script:
cheie="></title></script><svg/onload=alert(1)>&m="></title></script><svg/onload=alert(1)>
In fact, here is a screenshot with some attempts:
The solution is simple: the input data must be checked, validated, and modified if necessary. Another solution is to use a class designed specifically for this, e.g. HTML Purifier.
For example,
m=0">ScanT3r<svg/onload=confirm(/ScanT3r/)>web"
will become
m=0
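One way to apply the fix described above, as an added example that is not the site's own code: validate m against the values it is allowed to take and HTML-encode cheie wherever it is written into the page. It assumes m is a small numeric mode flag (the post only shows m=0) and that cheie is free text echoed into the title and the search box; the helper names clean_mode and h are hypothetical.

```php
<?php
declare(strict_types=1);

// Assumption: `m` is a numeric mode flag in the range 0..9.
// Anything that is not exactly such an integer falls back to the default.
function clean_mode($raw, int $default = 0): int
{
    if (!is_string($raw)) {
        return $default; // missing value or array input such as m[]=1
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 9]]);
    return $value === false ? $default : $value;
}

// Encode free text for an HTML element body or a quoted attribute value.
function h($raw): string
{
    return htmlspecialchars(is_string($raw) ? $raw : '',
        ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: the two query strings quoted in the post.
$queries = [
    'm=0">ScanT3r<svg/onload=confirm(/ScanT3r/)>web"&cheie=Stringent',
    'cheie="></title></script><svg/onload=alert(1)>'
        . '&m="></title></script><svg/onload=alert(1)>',
];

foreach ($queries as $query) {
    parse_str($query, $params); // stands in for $_GET on a real request

    $m     = clean_mode($params['m'] ?? null);
    $cheie = $params['cheie'] ?? '';

    // Markup characters in cheie reach the browser as inert text;
    // m is always a plain integer by the time it is printed.
    echo '<title>', h($cheie), "</title>\n";
    echo '<input name="cheie" value="', h($cheie), '">', "\n";
    echo '<input type="hidden" name="m" value="', $m, '">', "\n\n";
}
```

The encoding in h() covers HTML text and quoted attributes only; a value written into a script block or a URL needs the encoding for that context instead.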
Saturday, September 18, 2021
85% Off Macy's Coupon Codes | 2021 Promo Codes | Dictionar sinonime
85% Off Macy's Coupon Codes | 2021 Promo Codes | Dictionar sinonime: Save 85% Off from today's popular Macy's coupon codes and sales. Never miss a chance to seize 25 tested Macy's promotions for extra savings and free shipping.