xssme.php

choirurrizal, May 8th, 2019
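<?php
// XSS challenge page: the "p" query parameter is reflected into a link.
error_reporting(0);
// Accept only a non-array "p" parameter.
if(isset($_GET['p']) and gettype($_GET['p']) != "array"){
    // Blacklist pattern meant to catch event-handler attributes (on...) and opening tags,
    // tested against the lowercased input.
    if(preg_match("/on\w+|<\w+\w+/",strtolower($_GET['p']))){
        // On a match, double quotes and angle brackets are stripped.
        $show = str_replace(array("\"","<",">"),"",$_GET['p']);
    }else{
        // No match: the value is used as received.
        $show = $_GET['p'];
    }
}else{
    header("location:?p=test");
}

// $show is written into the href attribute without output encoding.
echo "<!doctype html><a href=\"?p=$show\">click</a>";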