Skip to content
/ XssBadWebApp Public

A Intentionally Vulnerable Bad Web Application With XSS Vulnerabilities - *DO NOT USE!!!*

License

BSD-2-Clause license
5 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ircmaxell/XssBadWebApp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
Application
Application
 
 
Controllers
Controllers
 
 
Exceptions
Exceptions
 
 
Models
Models
 
 
Utilities
Utilities
 
 
Views
Views
 
 
_cache/templates_c
_cache/templates_c
 
 
data
data
 
 
templates
templates
 
 
.gitignore
.gitignore
 
 
.htaccess
.htaccess
 
 
404.php
404.php
 
 
INSTALL
INSTALL
 
 
LICENSE
LICENSE
 
 
README.markdown
README.markdown
 
 
bootstrap.php
bootstrap.php
 
 
index.php
index.php
 
 

Repository files navigation

WARNING

DO NOT USE THIS APPLICATION!

This is a "Bad Web Application" that's designed to be vulnerable.

WARNING: FOR RESEARCH USE ONLY!

DISCLAIMER: This application is for education use only. Installing it on a public facing server will expose the server to several security vulnerabilities. The author takes absolutely no responsibility for any damage that may occur from the use or misuse of any of this code.

You have been warned.

Requirements

  • PHP >= 5.3

  • A Pear install of Smarty

  • A Pear install of Twig

Known Vulnerabilities

  • On 404 Error Page
    • Remote IP is displayed without escaping. Data is pulled from the X--Forwarded-For Header

TODO: Create a list of known vulnerabilities here

About

A Intentionally Vulnerable Bad Web Application With XSS Vulnerabilities - *DO NOT USE!!!*

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

5 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages